Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/firefox@0?distro=sid
Typedeb
Namespacedebian
Namefirefox
Version0
Qualifiers
distro sid
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version1.5
Latest_non_vulnerable_version149.0.2-1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-15mn-5hnv-w7f4
vulnerability_id VCID-15mn-5hnv-w7f4
summary The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape.*Note: this issue only affects Firefox on Windows operating systems.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12389.json
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12389.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-12389
reference_id
reference_type
scores
0
value 0.00554
scoring_system epss
scoring_elements 0.68109
published_at 2026-04-21T12:55:00Z
1
value 0.00554
scoring_system epss
scoring_elements 0.68077
published_at 2026-04-13T12:55:00Z
2
value 0.00554
scoring_system epss
scoring_elements 0.68114
published_at 2026-04-16T12:55:00Z
3
value 0.00554
scoring_system epss
scoring_elements 0.68126
published_at 2026-04-18T12:55:00Z
4
value 0.00554
scoring_system epss
scoring_elements 0.68014
published_at 2026-04-01T12:55:00Z
5
value 0.00554
scoring_system epss
scoring_elements 0.68035
published_at 2026-04-02T12:55:00Z
6
value 0.00554
scoring_system epss
scoring_elements 0.68055
published_at 2026-04-04T12:55:00Z
7
value 0.00554
scoring_system epss
scoring_elements 0.68033
published_at 2026-04-07T12:55:00Z
8
value 0.00554
scoring_system epss
scoring_elements 0.68085
published_at 2026-04-08T12:55:00Z
9
value 0.00554
scoring_system epss
scoring_elements 0.68099
published_at 2026-04-09T12:55:00Z
10
value 0.00554
scoring_system epss
scoring_elements 0.68124
published_at 2026-04-11T12:55:00Z
11
value 0.00554
scoring_system epss
scoring_elements 0.68111
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-12389
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1831945
reference_id 1831945
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1831945
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-16
reference_id mfsa2020-16
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-16
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-17
reference_id mfsa2020-17
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-17
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2020-12389
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-15mn-5hnv-w7f4
1
url VCID-184j-aaaw-pbed
vulnerability_id VCID-184j-aaaw-pbed
summary If a domain name contained a RTL character, it would cause the domain to be rendered to the right of the path. This could lead to user confusion and spoofing attacks. *This bug only affects Firefox for Android. Other operating systems are unaffected.**Note*: Due to a clerical error this advisory was not included in the original announcement, and was added in February 2022.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-4221
reference_id
reference_type
scores
0
value 0.00182
scoring_system epss
scoring_elements 0.39897
published_at 2026-04-21T12:55:00Z
1
value 0.00182
scoring_system epss
scoring_elements 0.3984
published_at 2026-04-01T12:55:00Z
2
value 0.00182
scoring_system epss
scoring_elements 0.39986
published_at 2026-04-02T12:55:00Z
3
value 0.00182
scoring_system epss
scoring_elements 0.40011
published_at 2026-04-11T12:55:00Z
4
value 0.00182
scoring_system epss
scoring_elements 0.39975
published_at 2026-04-12T12:55:00Z
5
value 0.00182
scoring_system epss
scoring_elements 0.39956
published_at 2026-04-13T12:55:00Z
6
value 0.00182
scoring_system epss
scoring_elements 0.40006
published_at 2026-04-16T12:55:00Z
7
value 0.00182
scoring_system epss
scoring_elements 0.39977
published_at 2026-04-18T12:55:00Z
8
value 0.00182
scoring_system epss
scoring_elements 0.40014
published_at 2026-04-04T12:55:00Z
9
value 0.00182
scoring_system epss
scoring_elements 0.39934
published_at 2026-04-07T12:55:00Z
10
value 0.00182
scoring_system epss
scoring_elements 0.39988
published_at 2026-04-08T12:55:00Z
11
value 0.00182
scoring_system epss
scoring_elements 0.40001
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-4221
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-38
reference_id mfsa2021-38
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-38
2
reference_url https://www.mozilla.org/security/advisories/mfsa2021-38/
reference_id mfsa2021-38
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:48:58Z/
url https://www.mozilla.org/security/advisories/mfsa2021-38/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1704422
reference_id show_bug.cgi?id=1704422
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:48:58Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1704422
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2021-4221
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-184j-aaaw-pbed
2
url VCID-1dkk-86db-s3ch
vulnerability_id VCID-1dkk-86db-s3ch
summary Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5168.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5168.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-5168
reference_id
reference_type
scores
0
value 0.00256
scoring_system epss
scoring_elements 0.4902
published_at 2026-04-21T12:55:00Z
1
value 0.00256
scoring_system epss
scoring_elements 0.49052
published_at 2026-04-18T12:55:00Z
2
value 0.00256
scoring_system epss
scoring_elements 0.48984
published_at 2026-04-02T12:55:00Z
3
value 0.00256
scoring_system epss
scoring_elements 0.49011
published_at 2026-04-13T12:55:00Z
4
value 0.00256
scoring_system epss
scoring_elements 0.49019
published_at 2026-04-08T12:55:00Z
5
value 0.00256
scoring_system epss
scoring_elements 0.48965
published_at 2026-04-07T12:55:00Z
6
value 0.00256
scoring_system epss
scoring_elements 0.49056
published_at 2026-04-16T12:55:00Z
7
value 0.00256
scoring_system epss
scoring_elements 0.49005
published_at 2026-04-12T12:55:00Z
8
value 0.00256
scoring_system epss
scoring_elements 0.49032
published_at 2026-04-11T12:55:00Z
9
value 0.00256
scoring_system epss
scoring_elements 0.49015
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-5168
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2240892
reference_id 2240892
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2240892
3
reference_url https://security.gentoo.org/glsa/202402-25
reference_id GLSA-202402-25
reference_type
scores
url https://security.gentoo.org/glsa/202402-25
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-41
reference_id mfsa2023-41
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-41
5
reference_url https://www.mozilla.org/security/advisories/mfsa2023-41/
reference_id mfsa2023-41
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:10Z/
url https://www.mozilla.org/security/advisories/mfsa2023-41/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-42
reference_id mfsa2023-42
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-42
7
reference_url https://www.mozilla.org/security/advisories/mfsa2023-42/
reference_id mfsa2023-42
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:10Z/
url https://www.mozilla.org/security/advisories/mfsa2023-42/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-43
reference_id mfsa2023-43
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-43
9
reference_url https://www.mozilla.org/security/advisories/mfsa2023-43/
reference_id mfsa2023-43
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:10Z/
url https://www.mozilla.org/security/advisories/mfsa2023-43/
10
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1846683
reference_id show_bug.cgi?id=1846683
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:10Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1846683
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2023-5168
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1dkk-86db-s3ch
3
url VCID-1fjz-wwfj-63fd
vulnerability_id VCID-1fjz-wwfj-63fd
summary A vulnerability existed in Thunderbird for Android where potentially sensitive library locations were logged via Logcat.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4090.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4090.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-4090
reference_id
reference_type
scores
0
value 0.00282
scoring_system epss
scoring_elements 0.51599
published_at 2026-04-11T12:55:00Z
1
value 0.00282
scoring_system epss
scoring_elements 0.51504
published_at 2026-04-07T12:55:00Z
2
value 0.00282
scoring_system epss
scoring_elements 0.51558
published_at 2026-04-08T12:55:00Z
3
value 0.00282
scoring_system epss
scoring_elements 0.51555
published_at 2026-04-09T12:55:00Z
4
value 0.00282
scoring_system epss
scoring_elements 0.51578
published_at 2026-04-12T12:55:00Z
5
value 0.00282
scoring_system epss
scoring_elements 0.51517
published_at 2026-04-02T12:55:00Z
6
value 0.00282
scoring_system epss
scoring_elements 0.51595
published_at 2026-04-21T12:55:00Z
7
value 0.00282
scoring_system epss
scoring_elements 0.51616
published_at 2026-04-18T12:55:00Z
8
value 0.00282
scoring_system epss
scoring_elements 0.51608
published_at 2026-04-16T12:55:00Z
9
value 0.00282
scoring_system epss
scoring_elements 0.51567
published_at 2026-04-13T12:55:00Z
10
value 0.00282
scoring_system epss
scoring_elements 0.51544
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-4090
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2362913
reference_id 2362913
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2362913
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-28
reference_id mfsa2025-28
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-28
5
reference_url https://www.mozilla.org/security/advisories/mfsa2025-28/
reference_id mfsa2025-28
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-23T14:45:46Z/
url https://www.mozilla.org/security/advisories/mfsa2025-28/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-31
reference_id mfsa2025-31
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-31
7
reference_url https://www.mozilla.org/security/advisories/mfsa2025-31/
reference_id mfsa2025-31
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-23T14:45:46Z/
url https://www.mozilla.org/security/advisories/mfsa2025-31/
8
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1929478
reference_id show_bug.cgi?id=1929478
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-23T14:45:46Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1929478
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2025-4090
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1fjz-wwfj-63fd
4
url VCID-1kc3-8bh6-jbc7
vulnerability_id VCID-1kc3-8bh6-jbc7
summary Android intent URLs given to Firefox for Android can be used to navigate from HTTP or HTTPS URLs to local file: URLs, allowing for the reading of local data through a violation of same-origin policy. *Note: This attack only affects Firefox for Android. Other operating systems are not affected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7759
reference_id
reference_type
scores
0
value 0.00299
scoring_system epss
scoring_elements 0.53291
published_at 2026-04-21T12:55:00Z
1
value 0.00299
scoring_system epss
scoring_elements 0.53183
published_at 2026-04-01T12:55:00Z
2
value 0.00299
scoring_system epss
scoring_elements 0.53267
published_at 2026-04-13T12:55:00Z
3
value 0.00299
scoring_system epss
scoring_elements 0.53305
published_at 2026-04-16T12:55:00Z
4
value 0.00299
scoring_system epss
scoring_elements 0.53311
published_at 2026-04-18T12:55:00Z
5
value 0.00299
scoring_system epss
scoring_elements 0.53207
published_at 2026-04-02T12:55:00Z
6
value 0.00299
scoring_system epss
scoring_elements 0.53232
published_at 2026-04-04T12:55:00Z
7
value 0.00299
scoring_system epss
scoring_elements 0.53199
published_at 2026-04-07T12:55:00Z
8
value 0.00299
scoring_system epss
scoring_elements 0.53252
published_at 2026-04-08T12:55:00Z
9
value 0.00299
scoring_system epss
scoring_elements 0.53247
published_at 2026-04-09T12:55:00Z
10
value 0.00299
scoring_system epss
scoring_elements 0.53298
published_at 2026-04-11T12:55:00Z
11
value 0.00299
scoring_system epss
scoring_elements 0.53284
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7759
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1356893
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1356893
2
reference_url https://www.mozilla.org/security/advisories/mfsa2017-15/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-15/
3
reference_url http://www.securityfocus.com/bid/99052
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/99052
4
reference_url http://www.securitytracker.com/id/1038689
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1038689
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-7759
reference_id CVE-2017-7759
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2017-7759
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-15
reference_id mfsa2017-15
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-15
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2017-7759
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1kc3-8bh6-jbc7
5
url VCID-1kfj-m46a-bkd9
vulnerability_id VCID-1kfj-m46a-bkd9
summary 
A malicious website that causes an HTTP Authentication dialog to be spawned could trick the built-in password manager to suggest passwords for the currently active website instead of the website that triggered the dialog.
*This bug only affects Firefox for Android. Other operating systems are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-29965
reference_id
reference_type
scores
0
value 0.00304
scoring_system epss
scoring_elements 0.53688
published_at 2026-04-21T12:55:00Z
1
value 0.00304
scoring_system epss
scoring_elements 0.53578
published_at 2026-04-01T12:55:00Z
2
value 0.00304
scoring_system epss
scoring_elements 0.53701
published_at 2026-04-16T12:55:00Z
3
value 0.00304
scoring_system epss
scoring_elements 0.53705
published_at 2026-04-18T12:55:00Z
4
value 0.00304
scoring_system epss
scoring_elements 0.53601
published_at 2026-04-02T12:55:00Z
5
value 0.00304
scoring_system epss
scoring_elements 0.53629
published_at 2026-04-04T12:55:00Z
6
value 0.00304
scoring_system epss
scoring_elements 0.53599
published_at 2026-04-07T12:55:00Z
7
value 0.00304
scoring_system epss
scoring_elements 0.5365
published_at 2026-04-08T12:55:00Z
8
value 0.00304
scoring_system epss
scoring_elements 0.53648
published_at 2026-04-09T12:55:00Z
9
value 0.00304
scoring_system epss
scoring_elements 0.53697
published_at 2026-04-11T12:55:00Z
10
value 0.00304
scoring_system epss
scoring_elements 0.5368
published_at 2026-04-12T12:55:00Z
11
value 0.00304
scoring_system epss
scoring_elements 0.53663
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-29965
1
reference_url https://security.archlinux.org/AVG-2019
reference_id AVG-2019
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2019
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-23
reference_id mfsa2021-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-23
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2021-29965
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1kfj-m46a-bkd9
6
url VCID-1r1r-3q6z-bbej
vulnerability_id VCID-1r1r-3q6z-bbej
summary The search term could have been specified externally to trigger SQL injection.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-1887
reference_id
reference_type
scores
0
value 0.00593
scoring_system epss
scoring_elements 0.6932
published_at 2026-04-18T12:55:00Z
1
value 0.00593
scoring_system epss
scoring_elements 0.69208
published_at 2026-04-01T12:55:00Z
2
value 0.00593
scoring_system epss
scoring_elements 0.69224
published_at 2026-04-02T12:55:00Z
3
value 0.00593
scoring_system epss
scoring_elements 0.69294
published_at 2026-04-09T12:55:00Z
4
value 0.00593
scoring_system epss
scoring_elements 0.69316
published_at 2026-04-11T12:55:00Z
5
value 0.00593
scoring_system epss
scoring_elements 0.693
published_at 2026-04-21T12:55:00Z
6
value 0.00593
scoring_system epss
scoring_elements 0.69272
published_at 2026-04-13T12:55:00Z
7
value 0.00593
scoring_system epss
scoring_elements 0.6931
published_at 2026-04-16T12:55:00Z
8
value 0.00593
scoring_system epss
scoring_elements 0.69245
published_at 2026-04-04T12:55:00Z
9
value 0.00593
scoring_system epss
scoring_elements 0.69227
published_at 2026-04-07T12:55:00Z
10
value 0.00593
scoring_system epss
scoring_elements 0.69276
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-1887
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-23
reference_id mfsa2022-23
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-23
2
reference_url https://www.mozilla.org/security/advisories/mfsa2022-23/
reference_id mfsa2022-23
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-16T15:13:57Z/
url https://www.mozilla.org/security/advisories/mfsa2022-23/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1767205
reference_id show_bug.cgi?id=1767205
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-16T15:13:57Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1767205
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2022-1887
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1r1r-3q6z-bbej
7
url VCID-1w8j-w2rh-hqdf
vulnerability_id VCID-1w8j-w2rh-hqdf
summary 
Multiple vulnerabilities have been found in Mozilla Firefox and
    Thunderbird the worst of which could lead to the execution of arbitrary
    code.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2809.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2809.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2809
reference_id
reference_type
scores
0
value 0.0039
scoring_system epss
scoring_elements 0.60067
published_at 2026-04-21T12:55:00Z
1
value 0.0039
scoring_system epss
scoring_elements 0.59911
published_at 2026-04-01T12:55:00Z
2
value 0.0039
scoring_system epss
scoring_elements 0.60053
published_at 2026-04-12T12:55:00Z
3
value 0.0039
scoring_system epss
scoring_elements 0.60036
published_at 2026-04-13T12:55:00Z
4
value 0.0039
scoring_system epss
scoring_elements 0.60075
published_at 2026-04-16T12:55:00Z
5
value 0.0039
scoring_system epss
scoring_elements 0.60081
published_at 2026-04-18T12:55:00Z
6
value 0.0039
scoring_system epss
scoring_elements 0.59988
published_at 2026-04-02T12:55:00Z
7
value 0.0039
scoring_system epss
scoring_elements 0.60013
published_at 2026-04-04T12:55:00Z
8
value 0.0039
scoring_system epss
scoring_elements 0.59984
published_at 2026-04-07T12:55:00Z
9
value 0.0039
scoring_system epss
scoring_elements 0.60034
published_at 2026-04-08T12:55:00Z
10
value 0.0039
scoring_system epss
scoring_elements 0.60047
published_at 2026-04-09T12:55:00Z
11
value 0.0039
scoring_system epss
scoring_elements 0.60068
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2809
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1212939
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1212939
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:N/I:P/A:C
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url http://www.mozilla.org/security/announce/2016/mfsa2016-40.html
reference_id
reference_type
scores
url http://www.mozilla.org/security/announce/2016/mfsa2016-40.html
6
reference_url http://www.securitytracker.com/id/1035692
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1035692
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1330272
reference_id 1330272
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1330272
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
reference_id cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2809
reference_id CVE-2016-2809
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2809
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-2809
reference_id CVE-2016-2809
reference_type
scores
0
value 5.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:P
1
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2016-2809
12
reference_url https://security.gentoo.org/glsa/201701-15
reference_id GLSA-201701-15
reference_type
scores
url https://security.gentoo.org/glsa/201701-15
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-40
reference_id mfsa2016-40
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-40
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2016-2809
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1w8j-w2rh-hqdf
8
url VCID-1xy1-1vks-1ugu
vulnerability_id VCID-1xy1-1vks-1ugu
summary A rogue webpage could override the injected WKUserScript used by the download feature, this exploit could result in the user downloading an unintended file.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-15662
reference_id
reference_type
scores
0
value 0.00186
scoring_system epss
scoring_elements 0.40276
published_at 2026-04-21T12:55:00Z
1
value 0.00186
scoring_system epss
scoring_elements 0.40303
published_at 2026-04-01T12:55:00Z
2
value 0.00186
scoring_system epss
scoring_elements 0.40367
published_at 2026-04-02T12:55:00Z
3
value 0.00186
scoring_system epss
scoring_elements 0.40394
published_at 2026-04-04T12:55:00Z
4
value 0.00186
scoring_system epss
scoring_elements 0.40319
published_at 2026-04-07T12:55:00Z
5
value 0.00186
scoring_system epss
scoring_elements 0.4037
published_at 2026-04-08T12:55:00Z
6
value 0.00186
scoring_system epss
scoring_elements 0.40382
published_at 2026-04-16T12:55:00Z
7
value 0.00186
scoring_system epss
scoring_elements 0.40393
published_at 2026-04-11T12:55:00Z
8
value 0.00186
scoring_system epss
scoring_elements 0.40356
published_at 2026-04-12T12:55:00Z
9
value 0.00186
scoring_system epss
scoring_elements 0.40336
published_at 2026-04-13T12:55:00Z
10
value 0.00186
scoring_system epss
scoring_elements 0.40352
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-15662
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-34
reference_id mfsa2020-34
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-34
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2020-15662
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1xy1-1vks-1ugu
9
url VCID-24j1-4jbd-abft
vulnerability_id VCID-24j1-4jbd-abft
summary When recording the screen while in Private Browsing on Firefox for Android the address bar and keyboard were not hidden, potentially leaking sensitive information. *This bug only affects Firefox for Android. Other operating systems are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-29546
reference_id
reference_type
scores
0
value 0.00333
scoring_system epss
scoring_elements 0.56218
published_at 2026-04-08T12:55:00Z
1
value 0.00333
scoring_system epss
scoring_elements 0.56166
published_at 2026-04-02T12:55:00Z
2
value 0.00333
scoring_system epss
scoring_elements 0.56193
published_at 2026-04-13T12:55:00Z
3
value 0.00333
scoring_system epss
scoring_elements 0.5621
published_at 2026-04-12T12:55:00Z
4
value 0.00333
scoring_system epss
scoring_elements 0.56234
published_at 2026-04-11T12:55:00Z
5
value 0.00333
scoring_system epss
scoring_elements 0.56224
published_at 2026-04-09T12:55:00Z
6
value 0.00333
scoring_system epss
scoring_elements 0.56187
published_at 2026-04-04T12:55:00Z
7
value 0.00333
scoring_system epss
scoring_elements 0.56167
published_at 2026-04-07T12:55:00Z
8
value 0.00356
scoring_system epss
scoring_elements 0.57874
published_at 2026-04-21T12:55:00Z
9
value 0.00356
scoring_system epss
scoring_elements 0.57897
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-29546
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-13
reference_id mfsa2023-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-13
2
reference_url https://www.mozilla.org/security/advisories/mfsa2023-13/
reference_id mfsa2023-13
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T16:10:35Z/
url https://www.mozilla.org/security/advisories/mfsa2023-13/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1780842
reference_id show_bug.cgi?id=1780842
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T16:10:35Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1780842
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2023-29546
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-24j1-4jbd-abft
10
url VCID-28ad-d2hr-r3e7
vulnerability_id VCID-28ad-d2hr-r3e7
summary Accessing a non-secure HTTP site that uses a non-existent port may cause the SSL padlock icon in the location URL bar to, misleadingly, appear secure.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-53975
reference_id
reference_type
scores
0
value 0.00072
scoring_system epss
scoring_elements 0.21952
published_at 2026-04-21T12:55:00Z
1
value 0.00072
scoring_system epss
scoring_elements 0.22106
published_at 2026-04-11T12:55:00Z
2
value 0.00072
scoring_system epss
scoring_elements 0.22064
published_at 2026-04-12T12:55:00Z
3
value 0.00072
scoring_system epss
scoring_elements 0.22004
published_at 2026-04-13T12:55:00Z
4
value 0.00072
scoring_system epss
scoring_elements 0.22003
published_at 2026-04-16T12:55:00Z
5
value 0.00072
scoring_system epss
scoring_elements 0.21997
published_at 2026-04-18T12:55:00Z
6
value 0.00072
scoring_system epss
scoring_elements 0.22122
published_at 2026-04-02T12:55:00Z
7
value 0.00072
scoring_system epss
scoring_elements 0.22171
published_at 2026-04-04T12:55:00Z
8
value 0.00072
scoring_system epss
scoring_elements 0.21954
published_at 2026-04-07T12:55:00Z
9
value 0.00072
scoring_system epss
scoring_elements 0.22035
published_at 2026-04-08T12:55:00Z
10
value 0.00072
scoring_system epss
scoring_elements 0.2209
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-53975
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-66
reference_id mfsa2024-66
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-66
2
reference_url https://www.mozilla.org/security/advisories/mfsa2024-66/
reference_id mfsa2024-66
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-28T14:33:59Z/
url https://www.mozilla.org/security/advisories/mfsa2024-66/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1843467
reference_id show_bug.cgi?id=1843467
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-28T14:33:59Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1843467
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2024-53975
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-28ad-d2hr-r3e7
11
url VCID-2a5d-8cac-mkft
vulnerability_id VCID-2a5d-8cac-mkft
summary A newline in a filename could have been used to bypass the file extension security mechanisms that replace malicious file extensions such as .lnk with .download. This could have led to accidental execution of malicious code.*This bug only affects Firefox on Windows. Other versions of Firefox are unaffected.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29542.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29542.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-29542
reference_id
reference_type
scores
0
value 0.00107
scoring_system epss
scoring_elements 0.28885
published_at 2026-04-07T12:55:00Z
1
value 0.00107
scoring_system epss
scoring_elements 0.29026
published_at 2026-04-02T12:55:00Z
2
value 0.00107
scoring_system epss
scoring_elements 0.28999
published_at 2026-04-11T12:55:00Z
3
value 0.00107
scoring_system epss
scoring_elements 0.28995
published_at 2026-04-09T12:55:00Z
4
value 0.00107
scoring_system epss
scoring_elements 0.28953
published_at 2026-04-08T12:55:00Z
5
value 0.00107
scoring_system epss
scoring_elements 0.29076
published_at 2026-04-04T12:55:00Z
6
value 0.00126
scoring_system epss
scoring_elements 0.31898
published_at 2026-04-12T12:55:00Z
7
value 0.00126
scoring_system epss
scoring_elements 0.31864
published_at 2026-04-13T12:55:00Z
8
value 0.00134
scoring_system epss
scoring_elements 0.3315
published_at 2026-04-16T12:55:00Z
9
value 0.00134
scoring_system epss
scoring_elements 0.33127
published_at 2026-04-18T12:55:00Z
10
value 0.00134
scoring_system epss
scoring_elements 0.33089
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-29542
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2186107
reference_id 2186107
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2186107
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-13
reference_id mfsa2023-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-13
4
reference_url https://www.mozilla.org/security/advisories/mfsa2023-13/
reference_id mfsa2023-13
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-11T15:45:52Z/
url https://www.mozilla.org/security/advisories/mfsa2023-13/
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-14
reference_id mfsa2023-14
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-14
6
reference_url https://www.mozilla.org/security/advisories/mfsa2023-14/
reference_id mfsa2023-14
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-11T15:45:52Z/
url https://www.mozilla.org/security/advisories/mfsa2023-14/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-15
reference_id mfsa2023-15
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-15
8
reference_url https://www.mozilla.org/security/advisories/mfsa2023-15/
reference_id mfsa2023-15
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-11T15:45:52Z/
url https://www.mozilla.org/security/advisories/mfsa2023-15/
9
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1810793
reference_id show_bug.cgi?id=1810793
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-11T15:45:52Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1810793
10
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1815062
reference_id show_bug.cgi?id=1815062
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-11T15:45:52Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1815062
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2023-29542
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2a5d-8cac-mkft
12
url VCID-2bwb-r8fr-sua8
vulnerability_id VCID-2bwb-r8fr-sua8
summary Under certain conditions, an attacker with the ability to redirect users to a malicious site via an open redirect on a trusted site, may be able to spoof the address bar contents. This can lead to a malicious site to appear to have the same URL as the trusted site.*This bug only affects Firefox for Android. Other versions of Firefox are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-8897
reference_id
reference_type
scores
0
value 0.11833
scoring_system epss
scoring_elements 0.9375
published_at 2026-04-21T12:55:00Z
1
value 0.11833
scoring_system epss
scoring_elements 0.93718
published_at 2026-04-09T12:55:00Z
2
value 0.11833
scoring_system epss
scoring_elements 0.93722
published_at 2026-04-12T12:55:00Z
3
value 0.11833
scoring_system epss
scoring_elements 0.93723
published_at 2026-04-13T12:55:00Z
4
value 0.11833
scoring_system epss
scoring_elements 0.9374
published_at 2026-04-16T12:55:00Z
5
value 0.11833
scoring_system epss
scoring_elements 0.93747
published_at 2026-04-18T12:55:00Z
6
value 0.11833
scoring_system epss
scoring_elements 0.93693
published_at 2026-04-02T12:55:00Z
7
value 0.11833
scoring_system epss
scoring_elements 0.93704
published_at 2026-04-04T12:55:00Z
8
value 0.11833
scoring_system epss
scoring_elements 0.93707
published_at 2026-04-07T12:55:00Z
9
value 0.11833
scoring_system epss
scoring_elements 0.93716
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-8897
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-45
reference_id mfsa2024-45
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-45
2
reference_url https://www.mozilla.org/security/advisories/mfsa2024-45/
reference_id mfsa2024-45
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-17T18:16:14Z/
url https://www.mozilla.org/security/advisories/mfsa2024-45/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1862537
reference_id show_bug.cgi?id=1862537
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-17T18:16:14Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1862537
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2024-8897
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2bwb-r8fr-sua8
13
url VCID-2c6t-jrux-37d9
vulnerability_id VCID-2c6t-jrux-37d9
summary Multiple unspecified vulnerabilities in Mozilla Firefox have unspecified vectors and impact, as claimed during ToorCon 2006. NOTE: the vendor and original researchers have released a follow-up comment disputing this issue, in which one researcher states that "I have no undisclosed Firefox vulnerabilities. The person who was speaking with me made this claim, and I honestly have no idea if he has them or not.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5160.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5160.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-5160
reference_id
reference_type
scores
0
value 0.00447
scoring_system epss
scoring_elements 0.6343
published_at 2026-04-01T12:55:00Z
1
value 0.00447
scoring_system epss
scoring_elements 0.6349
published_at 2026-04-02T12:55:00Z
2
value 0.00447
scoring_system epss
scoring_elements 0.63549
published_at 2026-04-09T12:55:00Z
3
value 0.00447
scoring_system epss
scoring_elements 0.63565
published_at 2026-04-11T12:55:00Z
4
value 0.00447
scoring_system epss
scoring_elements 0.6355
published_at 2026-04-12T12:55:00Z
5
value 0.00447
scoring_system epss
scoring_elements 0.63552
published_at 2026-04-16T12:55:00Z
6
value 0.00447
scoring_system epss
scoring_elements 0.6356
published_at 2026-04-18T12:55:00Z
7
value 0.00447
scoring_system epss
scoring_elements 0.63544
published_at 2026-04-21T12:55:00Z
8
value 0.00447
scoring_system epss
scoring_elements 0.63516
published_at 2026-04-13T12:55:00Z
9
value 0.00447
scoring_system epss
scoring_elements 0.6348
published_at 2026-04-07T12:55:00Z
10
value 0.00447
scoring_system epss
scoring_elements 0.63532
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-5160
2
reference_url http://www.securityfocus.com/bid/20294
reference_id 20294
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-17T14:03:44Z/
url http://www.securityfocus.com/bid/20294
3
reference_url http://www.securitypronews.com/insiderreports/insider/spn-49-20061003FirefoxVulnerabilityClaimWasAJoke.html
reference_id spn-49-20061003FirefoxVulnerabilityClaimWasAJoke.html
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-17T14:03:44Z/
url http://www.securitypronews.com/insiderreports/insider/spn-49-20061003FirefoxVulnerabilityClaimWasAJoke.html
4
reference_url http://www.securityfocus.com/archive/1/447493/100/0/threaded
reference_id threaded
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-17T14:03:44Z/
url http://www.securityfocus.com/archive/1/447493/100/0/threaded
5
reference_url http://developer.mozilla.org/devnews/index.php/2006/10/02/update-possible-vulnerability-reported-at-toorcon/
reference_id update-possible-vulnerability-reported-at-toorcon
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-17T14:03:44Z/
url http://developer.mozilla.org/devnews/index.php/2006/10/02/update-possible-vulnerability-reported-at-toorcon/
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2006-5160
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2c6t-jrux-37d9
14
url VCID-2kcw-vt7h-1ya1
vulnerability_id VCID-2kcw-vt7h-1ya1
summary A hyperlink using protocols associated with Internet Explorer, such as IE.HTTP:, can be used to open local files at a known location with Internet Explorer if a user approves execution when prompted. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11702.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11702.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-11702
reference_id
reference_type
scores
0
value 0.00379
scoring_system epss
scoring_elements 0.59314
published_at 2026-04-01T12:55:00Z
1
value 0.00379
scoring_system epss
scoring_elements 0.59388
published_at 2026-04-02T12:55:00Z
2
value 0.00379
scoring_system epss
scoring_elements 0.59412
published_at 2026-04-04T12:55:00Z
3
value 0.00379
scoring_system epss
scoring_elements 0.59378
published_at 2026-04-07T12:55:00Z
4
value 0.00379
scoring_system epss
scoring_elements 0.59429
published_at 2026-04-08T12:55:00Z
5
value 0.00379
scoring_system epss
scoring_elements 0.59443
published_at 2026-04-09T12:55:00Z
6
value 0.00379
scoring_system epss
scoring_elements 0.59462
published_at 2026-04-11T12:55:00Z
7
value 0.00379
scoring_system epss
scoring_elements 0.59445
published_at 2026-04-12T12:55:00Z
8
value 0.00379
scoring_system epss
scoring_elements 0.59427
published_at 2026-04-13T12:55:00Z
9
value 0.00379
scoring_system epss
scoring_elements 0.59458
published_at 2026-04-16T12:55:00Z
10
value 0.00379
scoring_system epss
scoring_elements 0.59465
published_at 2026-04-18T12:55:00Z
11
value 0.00379
scoring_system epss
scoring_elements 0.59446
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-11702
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1721805
reference_id 1721805
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1721805
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-16
reference_id mfsa2019-16
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-16
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2019-11702
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2kcw-vt7h-1ya1
15
url VCID-2q2t-rh3t-5qgy
vulnerability_id VCID-2q2t-rh3t-5qgy
summary Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could result in arbitrary code execution.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-25748
reference_id
reference_type
scores
0
value 0.00168
scoring_system epss
scoring_elements 0.37913
published_at 2026-04-21T12:55:00Z
1
value 0.00168
scoring_system epss
scoring_elements 0.38028
published_at 2026-04-02T12:55:00Z
2
value 0.00168
scoring_system epss
scoring_elements 0.38011
published_at 2026-04-11T12:55:00Z
3
value 0.00168
scoring_system epss
scoring_elements 0.37974
published_at 2026-04-12T12:55:00Z
4
value 0.00168
scoring_system epss
scoring_elements 0.3795
published_at 2026-04-13T12:55:00Z
5
value 0.00168
scoring_system epss
scoring_elements 0.37995
published_at 2026-04-16T12:55:00Z
6
value 0.00168
scoring_system epss
scoring_elements 0.37975
published_at 2026-04-18T12:55:00Z
7
value 0.00168
scoring_system epss
scoring_elements 0.38054
published_at 2026-04-04T12:55:00Z
8
value 0.00168
scoring_system epss
scoring_elements 0.37933
published_at 2026-04-07T12:55:00Z
9
value 0.00168
scoring_system epss
scoring_elements 0.37983
published_at 2026-04-08T12:55:00Z
10
value 0.00168
scoring_system epss
scoring_elements 0.37994
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-25748
1
reference_url https://security.gentoo.org/glsa/202305-35
reference_id GLSA-202305-35
reference_type
scores
url https://security.gentoo.org/glsa/202305-35
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-09
reference_id mfsa2023-09
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-09
3
reference_url https://www.mozilla.org/security/advisories/mfsa2023-09/
reference_id mfsa2023-09
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T18:58:12Z/
url https://www.mozilla.org/security/advisories/mfsa2023-09/
4
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1798798
reference_id show_bug.cgi?id=1798798
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T18:58:12Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1798798
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2023-25748
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2q2t-rh3t-5qgy
16
url VCID-2vdu-1jvt-5uf3
vulnerability_id VCID-2vdu-1jvt-5uf3
summary Lack of escaping allowed HTML injection when a webpage was viewed in Reader View. While a Content Security Policy prevents direct code execution, HTML injection is still possible.*Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-29944
reference_id
reference_type
scores
0
value 0.00377
scoring_system epss
scoring_elements 0.59334
published_at 2026-04-21T12:55:00Z
1
value 0.00377
scoring_system epss
scoring_elements 0.59204
published_at 2026-04-01T12:55:00Z
2
value 0.00377
scoring_system epss
scoring_elements 0.59347
published_at 2026-04-16T12:55:00Z
3
value 0.00377
scoring_system epss
scoring_elements 0.59353
published_at 2026-04-18T12:55:00Z
4
value 0.00377
scoring_system epss
scoring_elements 0.59278
published_at 2026-04-02T12:55:00Z
5
value 0.00377
scoring_system epss
scoring_elements 0.59301
published_at 2026-04-04T12:55:00Z
6
value 0.00377
scoring_system epss
scoring_elements 0.59265
published_at 2026-04-07T12:55:00Z
7
value 0.00377
scoring_system epss
scoring_elements 0.59316
published_at 2026-04-08T12:55:00Z
8
value 0.00377
scoring_system epss
scoring_elements 0.59329
published_at 2026-04-09T12:55:00Z
9
value 0.00377
scoring_system epss
scoring_elements 0.59348
published_at 2026-04-11T12:55:00Z
10
value 0.00377
scoring_system epss
scoring_elements 0.59331
published_at 2026-04-12T12:55:00Z
11
value 0.00377
scoring_system epss
scoring_elements 0.59314
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-29944
1
reference_url https://security.archlinux.org/AVG-1835
reference_id AVG-1835
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1835
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-16
reference_id mfsa2021-16
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-16
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2021-29944
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2vdu-1jvt-5uf3
17
url VCID-2xvy-5r3e-eqfd
vulnerability_id VCID-2xvy-5r3e-eqfd
summary Unicode RTLO characters could allow malicious websites to spoof filenames in the downloads UI for Firefox for iOS, potentially tricking users into saving files of an unexpected file type.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-14744
reference_id
reference_type
scores
0
value 0.00036
scoring_system epss
scoring_elements 0.10599
published_at 2026-04-11T12:55:00Z
1
value 0.00036
scoring_system epss
scoring_elements 0.10494
published_at 2026-04-02T12:55:00Z
2
value 0.00036
scoring_system epss
scoring_elements 0.10393
published_at 2026-04-18T12:55:00Z
3
value 0.00036
scoring_system epss
scoring_elements 0.1041
published_at 2026-04-16T12:55:00Z
4
value 0.00036
scoring_system epss
scoring_elements 0.10543
published_at 2026-04-13T12:55:00Z
5
value 0.00036
scoring_system epss
scoring_elements 0.10567
published_at 2026-04-12T12:55:00Z
6
value 0.00036
scoring_system epss
scoring_elements 0.10565
published_at 2026-04-04T12:55:00Z
7
value 0.00036
scoring_system epss
scoring_elements 0.10429
published_at 2026-04-07T12:55:00Z
8
value 0.00036
scoring_system epss
scoring_elements 0.10503
published_at 2026-04-08T12:55:00Z
9
value 0.00036
scoring_system epss
scoring_elements 0.1057
published_at 2026-04-09T12:55:00Z
10
value 0.00048
scoring_system epss
scoring_elements 0.14659
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-14744
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-97
reference_id mfsa2025-97
reference_type
scores
0
value low
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-97
2
reference_url https://www.mozilla.org/security/advisories/mfsa2025-97/
reference_id mfsa2025-97
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T19:12:45Z/
url https://www.mozilla.org/security/advisories/mfsa2025-97/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1984683
reference_id show_bug.cgi?id=1984683
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T19:12:45Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1984683
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2025-14744
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2xvy-5r3e-eqfd
18
url VCID-2yeg-q5hq-wud1
vulnerability_id VCID-2yeg-q5hq-wud1
summary A mechanism where when a new tab is loaded through JavaScript events, if fullscreen mode is then entered, the addressbar will not be rendered. This would allow a malicious site to displayed a spoofed addressbar, showing the location of an arbitrary website instead of the one loaded. *Note: this issue only affects Firefox for Android. Desktop Firefox is unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7770
reference_id
reference_type
scores
0
value 0.00369
scoring_system epss
scoring_elements 0.58789
published_at 2026-04-21T12:55:00Z
1
value 0.00369
scoring_system epss
scoring_elements 0.58661
published_at 2026-04-01T12:55:00Z
2
value 0.00369
scoring_system epss
scoring_elements 0.58811
published_at 2026-04-18T12:55:00Z
3
value 0.00369
scoring_system epss
scoring_elements 0.58773
published_at 2026-04-13T12:55:00Z
4
value 0.00369
scoring_system epss
scoring_elements 0.58806
published_at 2026-04-16T12:55:00Z
5
value 0.00369
scoring_system epss
scoring_elements 0.58744
published_at 2026-04-02T12:55:00Z
6
value 0.00369
scoring_system epss
scoring_elements 0.58765
published_at 2026-04-04T12:55:00Z
7
value 0.00369
scoring_system epss
scoring_elements 0.58733
published_at 2026-04-07T12:55:00Z
8
value 0.00369
scoring_system epss
scoring_elements 0.58786
published_at 2026-04-08T12:55:00Z
9
value 0.00369
scoring_system epss
scoring_elements 0.58793
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7770
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1317242
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1317242
2
reference_url https://www.mozilla.org/security/advisories/mfsa2017-15/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-15/
3
reference_url http://www.securityfocus.com/bid/99049
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/99049
4
reference_url http://www.securitytracker.com/id/1038689
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1038689
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-7770
reference_id CVE-2017-7770
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
1
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2017-7770
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-15
reference_id mfsa2017-15
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-15
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2017-7770
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2yeg-q5hq-wud1
19
url VCID-2z7p-2uj3-2qfb
vulnerability_id VCID-2z7p-2uj3-2qfb
summary If hyperthreading is not disabled, a timing attack vulnerability exists, similar to previous Spectre attacks. Apple has shipped macOS 10.14.5 with an option to disable hyperthreading in applications running untrusted code in a thread through a new sysctl. Firefox now makes use of it on the main thread and any worker threads. *Note: users need to update to macOS 10.14.5 in order to take advantage of this change.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9815.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9815.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-9815
reference_id
reference_type
scores
0
value 0.0102
scoring_system epss
scoring_elements 0.77257
published_at 2026-04-21T12:55:00Z
1
value 0.0102
scoring_system epss
scoring_elements 0.77224
published_at 2026-04-13T12:55:00Z
2
value 0.0102
scoring_system epss
scoring_elements 0.77263
published_at 2026-04-16T12:55:00Z
3
value 0.0102
scoring_system epss
scoring_elements 0.77265
published_at 2026-04-18T12:55:00Z
4
value 0.0102
scoring_system epss
scoring_elements 0.77162
published_at 2026-04-01T12:55:00Z
5
value 0.0102
scoring_system epss
scoring_elements 0.77169
published_at 2026-04-02T12:55:00Z
6
value 0.0102
scoring_system epss
scoring_elements 0.77198
published_at 2026-04-04T12:55:00Z
7
value 0.0102
scoring_system epss
scoring_elements 0.77179
published_at 2026-04-07T12:55:00Z
8
value 0.0102
scoring_system epss
scoring_elements 0.77212
published_at 2026-04-08T12:55:00Z
9
value 0.0102
scoring_system epss
scoring_elements 0.7722
published_at 2026-04-09T12:55:00Z
10
value 0.0102
scoring_system epss
scoring_elements 0.77248
published_at 2026-04-11T12:55:00Z
11
value 0.0102
scoring_system epss
scoring_elements 0.77227
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-9815
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1712624
reference_id 1712624
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1712624
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-13
reference_id mfsa2019-13
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-13
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-14
reference_id mfsa2019-14
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-14
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-15
reference_id mfsa2019-15
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-15
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2019-9815
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2z7p-2uj3-2qfb
20
url VCID-33n8-tvfg-2qg9
vulnerability_id VCID-33n8-tvfg-2qg9
summary Opening maliciously-crafted URLs in Firefox from other apps such as Safari could have allowed attackers to spoof website addresses if the URLs utilized non-HTTP schemes used internally by the Firefox iOS client
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-5020
reference_id
reference_type
scores
0
value 0.00181
scoring_system epss
scoring_elements 0.39681
published_at 2026-04-21T12:55:00Z
1
value 0.00181
scoring_system epss
scoring_elements 0.39777
published_at 2026-04-02T12:55:00Z
2
value 0.00181
scoring_system epss
scoring_elements 0.39796
published_at 2026-04-11T12:55:00Z
3
value 0.00181
scoring_system epss
scoring_elements 0.39761
published_at 2026-04-12T12:55:00Z
4
value 0.00181
scoring_system epss
scoring_elements 0.39744
published_at 2026-04-13T12:55:00Z
5
value 0.00181
scoring_system epss
scoring_elements 0.39794
published_at 2026-04-16T12:55:00Z
6
value 0.00181
scoring_system epss
scoring_elements 0.39765
published_at 2026-04-18T12:55:00Z
7
value 0.00181
scoring_system epss
scoring_elements 0.398
published_at 2026-04-04T12:55:00Z
8
value 0.00181
scoring_system epss
scoring_elements 0.39719
published_at 2026-04-07T12:55:00Z
9
value 0.00181
scoring_system epss
scoring_elements 0.39773
published_at 2026-04-08T12:55:00Z
10
value 0.00181
scoring_system epss
scoring_elements 0.39787
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-5020
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-39
reference_id mfsa2025-39
reference_type
scores
0
value low
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-39
2
reference_url https://www.mozilla.org/security/advisories/mfsa2025-39/
reference_id mfsa2025-39
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-21T18:58:50Z/
url https://www.mozilla.org/security/advisories/mfsa2025-39/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1951558
reference_id show_bug.cgi?id=1951558
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-21T18:58:50Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1951558
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2025-5020
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-33n8-tvfg-2qg9
21
url VCID-3w3b-gzvg-87ag
vulnerability_id VCID-3w3b-gzvg-87ag
summary If a user had granted a permission to a webpage and saved that grant, any webpage running on the same host - irrespective of scheme or port - would be granted that permission.*This bug only affects Firefox for Android. Other operating systems are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-29971
reference_id
reference_type
scores
0
value 0.00412
scoring_system epss
scoring_elements 0.61467
published_at 2026-04-21T12:55:00Z
1
value 0.00412
scoring_system epss
scoring_elements 0.61314
published_at 2026-04-01T12:55:00Z
2
value 0.00412
scoring_system epss
scoring_elements 0.61479
published_at 2026-04-16T12:55:00Z
3
value 0.00412
scoring_system epss
scoring_elements 0.61483
published_at 2026-04-18T12:55:00Z
4
value 0.00412
scoring_system epss
scoring_elements 0.61391
published_at 2026-04-02T12:55:00Z
5
value 0.00412
scoring_system epss
scoring_elements 0.61419
published_at 2026-04-04T12:55:00Z
6
value 0.00412
scoring_system epss
scoring_elements 0.61389
published_at 2026-04-07T12:55:00Z
7
value 0.00412
scoring_system epss
scoring_elements 0.61435
published_at 2026-04-08T12:55:00Z
8
value 0.00412
scoring_system epss
scoring_elements 0.61451
published_at 2026-04-09T12:55:00Z
9
value 0.00412
scoring_system epss
scoring_elements 0.61473
published_at 2026-04-11T12:55:00Z
10
value 0.00412
scoring_system epss
scoring_elements 0.61458
published_at 2026-04-12T12:55:00Z
11
value 0.00412
scoring_system epss
scoring_elements 0.6144
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-29971
1
reference_url https://security.archlinux.org/AVG-2149
reference_id AVG-2149
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2149
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-28
reference_id mfsa2021-28
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-28
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2021-29971
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3w3b-gzvg-87ag
22
url VCID-44zf-meps-6fey
vulnerability_id VCID-44zf-meps-6fey
summary 
Given an installed malicious file picker application, an attacker was able to overwrite local files and thus overwrite Firefox settings (but not access the previous profile).
*Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15650.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15650.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-15650
reference_id
reference_type
scores
0
value 0.00248
scoring_system epss
scoring_elements 0.47993
published_at 2026-04-01T12:55:00Z
1
value 0.00248
scoring_system epss
scoring_elements 0.48031
published_at 2026-04-02T12:55:00Z
2
value 0.00248
scoring_system epss
scoring_elements 0.48052
published_at 2026-04-04T12:55:00Z
3
value 0.00248
scoring_system epss
scoring_elements 0.48001
published_at 2026-04-07T12:55:00Z
4
value 0.00248
scoring_system epss
scoring_elements 0.48054
published_at 2026-04-08T12:55:00Z
5
value 0.00248
scoring_system epss
scoring_elements 0.48048
published_at 2026-04-09T12:55:00Z
6
value 0.00248
scoring_system epss
scoring_elements 0.48072
published_at 2026-04-11T12:55:00Z
7
value 0.00248
scoring_system epss
scoring_elements 0.48049
published_at 2026-04-12T12:55:00Z
8
value 0.00248
scoring_system epss
scoring_elements 0.4806
published_at 2026-04-13T12:55:00Z
9
value 0.00248
scoring_system epss
scoring_elements 0.48112
published_at 2026-04-16T12:55:00Z
10
value 0.00248
scoring_system epss
scoring_elements 0.48108
published_at 2026-04-18T12:55:00Z
11
value 0.00248
scoring_system epss
scoring_elements 0.48063
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-15650
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1870410
reference_id 1870410
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1870410
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-31
reference_id mfsa2020-31
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-31
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2020-15650
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-44zf-meps-6fey
23
url VCID-4c3c-ygt3-kbg5
vulnerability_id VCID-4c3c-ygt3-kbg5
summary 
Multiple vulnerabilities have been found in Mozilla Firefox, the
    worst of which may allow execution of arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6797.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6797.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-6797
reference_id
reference_type
scores
0
value 0.0102
scoring_system epss
scoring_elements 0.77253
published_at 2026-04-21T12:55:00Z
1
value 0.0102
scoring_system epss
scoring_elements 0.77224
published_at 2026-04-12T12:55:00Z
2
value 0.0102
scoring_system epss
scoring_elements 0.7722
published_at 2026-04-13T12:55:00Z
3
value 0.0102
scoring_system epss
scoring_elements 0.7726
published_at 2026-04-16T12:55:00Z
4
value 0.0102
scoring_system epss
scoring_elements 0.77262
published_at 2026-04-18T12:55:00Z
5
value 0.0102
scoring_system epss
scoring_elements 0.77159
published_at 2026-04-01T12:55:00Z
6
value 0.0102
scoring_system epss
scoring_elements 0.77165
published_at 2026-04-02T12:55:00Z
7
value 0.0102
scoring_system epss
scoring_elements 0.77195
published_at 2026-04-04T12:55:00Z
8
value 0.0102
scoring_system epss
scoring_elements 0.77176
published_at 2026-04-07T12:55:00Z
9
value 0.0102
scoring_system epss
scoring_elements 0.77209
published_at 2026-04-08T12:55:00Z
10
value 0.0102
scoring_system epss
scoring_elements 0.77217
published_at 2026-04-09T12:55:00Z
11
value 0.0102
scoring_system epss
scoring_elements 0.77245
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-6797
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1801917
reference_id 1801917
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1801917
4
reference_url https://security.gentoo.org/glsa/202003-02
reference_id GLSA-202003-02
reference_type
scores
url https://security.gentoo.org/glsa/202003-02
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-05
reference_id mfsa2020-05
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-05
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-06
reference_id mfsa2020-06
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-06
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-07
reference_id mfsa2020-07
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-07
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2020-6797
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4c3c-ygt3-kbg5
24
url VCID-4c57-5fbn-8bdy
vulnerability_id VCID-4c57-5fbn-8bdy
summary Malicious websites utilizing a server-side redirect to an internal error page could result in a spoofed website URL
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-27426
reference_id
reference_type
scores
0
value 0.00034
scoring_system epss
scoring_elements 0.09725
published_at 2026-04-07T12:55:00Z
1
value 0.00034
scoring_system epss
scoring_elements 0.09774
published_at 2026-04-02T12:55:00Z
2
value 0.00034
scoring_system epss
scoring_elements 0.09824
published_at 2026-04-04T12:55:00Z
3
value 0.00034
scoring_system epss
scoring_elements 0.09796
published_at 2026-04-08T12:55:00Z
4
value 0.00034
scoring_system epss
scoring_elements 0.09858
published_at 2026-04-11T12:55:00Z
5
value 0.00034
scoring_system epss
scoring_elements 0.09849
published_at 2026-04-09T12:55:00Z
6
value 0.0031
scoring_system epss
scoring_elements 0.54206
published_at 2026-04-12T12:55:00Z
7
value 0.00322
scoring_system epss
scoring_elements 0.55265
published_at 2026-04-18T12:55:00Z
8
value 0.00331
scoring_system epss
scoring_elements 0.56045
published_at 2026-04-21T12:55:00Z
9
value 0.0036
scoring_system epss
scoring_elements 0.58211
published_at 2026-04-13T12:55:00Z
10
value 0.0036
scoring_system epss
scoring_elements 0.58243
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-27426
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-13
reference_id mfsa2025-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-13
2
reference_url https://www.mozilla.org/security/advisories/mfsa2025-13/
reference_id mfsa2025-13
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:31:20Z/
url https://www.mozilla.org/security/advisories/mfsa2025-13/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1933079
reference_id show_bug.cgi?id=1933079
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:31:20Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1933079
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2025-27426
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4c57-5fbn-8bdy
25
url VCID-4jfr-pz41-gfbz
vulnerability_id VCID-4jfr-pz41-gfbz
summary Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-7523
reference_id
reference_type
scores
0
value 0.00115
scoring_system epss
scoring_elements 0.30103
published_at 2026-04-21T12:55:00Z
1
value 0.00115
scoring_system epss
scoring_elements 0.30238
published_at 2026-04-09T12:55:00Z
2
value 0.00115
scoring_system epss
scoring_elements 0.30241
published_at 2026-04-11T12:55:00Z
3
value 0.00115
scoring_system epss
scoring_elements 0.30198
published_at 2026-04-12T12:55:00Z
4
value 0.00115
scoring_system epss
scoring_elements 0.30151
published_at 2026-04-13T12:55:00Z
5
value 0.00115
scoring_system epss
scoring_elements 0.30166
published_at 2026-04-16T12:55:00Z
6
value 0.00115
scoring_system epss
scoring_elements 0.30147
published_at 2026-04-18T12:55:00Z
7
value 0.00115
scoring_system epss
scoring_elements 0.30279
published_at 2026-04-02T12:55:00Z
8
value 0.00115
scoring_system epss
scoring_elements 0.30329
published_at 2026-04-04T12:55:00Z
9
value 0.00115
scoring_system epss
scoring_elements 0.30143
published_at 2026-04-07T12:55:00Z
10
value 0.00115
scoring_system epss
scoring_elements 0.30203
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-7523
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://security.gentoo.org/glsa/202412-04
reference_id GLSA-202412-04
reference_type
scores
url https://security.gentoo.org/glsa/202412-04
3
reference_url https://security.gentoo.org/glsa/202412-06
reference_id GLSA-202412-06
reference_type
scores
url https://security.gentoo.org/glsa/202412-06
4
reference_url https://security.gentoo.org/glsa/202412-13
reference_id GLSA-202412-13
reference_type
scores
url https://security.gentoo.org/glsa/202412-13
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-33
reference_id mfsa2024-33
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-33
6
reference_url https://www.mozilla.org/security/advisories/mfsa2024-33/
reference_id mfsa2024-33
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-06T19:41:10Z/
url https://www.mozilla.org/security/advisories/mfsa2024-33/
7
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1908344
reference_id show_bug.cgi?id=1908344
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-06T19:41:10Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1908344
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2024-7523
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4jfr-pz41-gfbz
26
url VCID-4jtc-q2de-nqfz
vulnerability_id VCID-4jtc-q2de-nqfz
summary When receiving a URL through a SEND intent, Firefox would have searched for the text, but subsequent usages of the address bar might have caused the URL to load unintentionally, which could lead to XSS and spoofing attacks.*This bug only affects Firefox for Android. Other operating systems are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-43544
reference_id
reference_type
scores
0
value 0.00377
scoring_system epss
scoring_elements 0.59322
published_at 2026-04-21T12:55:00Z
1
value 0.00377
scoring_system epss
scoring_elements 0.59317
published_at 2026-04-09T12:55:00Z
2
value 0.00377
scoring_system epss
scoring_elements 0.59336
published_at 2026-04-11T12:55:00Z
3
value 0.00377
scoring_system epss
scoring_elements 0.59319
published_at 2026-04-12T12:55:00Z
4
value 0.00377
scoring_system epss
scoring_elements 0.59302
published_at 2026-04-13T12:55:00Z
5
value 0.00377
scoring_system epss
scoring_elements 0.59335
published_at 2026-04-16T12:55:00Z
6
value 0.00377
scoring_system epss
scoring_elements 0.59341
published_at 2026-04-18T12:55:00Z
7
value 0.00377
scoring_system epss
scoring_elements 0.59253
published_at 2026-04-07T12:55:00Z
8
value 0.00377
scoring_system epss
scoring_elements 0.59304
published_at 2026-04-08T12:55:00Z
9
value 0.0038
scoring_system epss
scoring_elements 0.59357
published_at 2026-04-01T12:55:00Z
10
value 0.0038
scoring_system epss
scoring_elements 0.5943
published_at 2026-04-02T12:55:00Z
11
value 0.0038
scoring_system epss
scoring_elements 0.59454
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-43544
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://security.archlinux.org/AVG-2607
reference_id AVG-2607
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2607
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-52
reference_id mfsa2021-52
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-52
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2021-43544
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4jtc-q2de-nqfz
27
url VCID-4r8e-64b6-bbbu
vulnerability_id VCID-4r8e-64b6-bbbu
summary Use-after-free in the Widget: Cocoa component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4711.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4711.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4711
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06224
published_at 2026-04-21T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06078
published_at 2026-04-18T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.06047
published_at 2026-04-07T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06117
published_at 2026-04-11T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06126
published_at 2026-04-09T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06087
published_at 2026-04-08T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06062
published_at 2026-04-04T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06027
published_at 2026-04-02T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06067
published_at 2026-04-16T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.06105
published_at 2026-04-13T12:55:00Z
10
value 0.00023
scoring_system epss
scoring_elements 0.06112
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4711
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450733
reference_id 2450733
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450733
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
5
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T16:25:02Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
7
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T16:25:02Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
9
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T16:25:02Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
11
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T16:25:02Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
12
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
13
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
14
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
15
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
16
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
17
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
18
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
19
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
20
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
21
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
22
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
23
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
24
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
25
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
26
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
27
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
28
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
29
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
30
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
31
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
32
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
33
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
34
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
35
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
36
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
37
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2017002
reference_id show_bug.cgi?id=2017002
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T16:25:02Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2017002
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2026-4711
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4r8e-64b6-bbbu
28
url VCID-4rpa-nwnh-b3h3
vulnerability_id VCID-4rpa-nwnh-b3h3
summary The Mozilla Windows updater modifies some files to be updated by reading the original file and applying changes to it. The location of the original file can be altered by a malicious user by passing a special path to the callback parameter through the Mozilla Maintenance Service, allowing the manipulation of files in the installation directory and privilege escalation by manipulating the Mozilla Maintenance Service, which has privileged access. *Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7760
reference_id
reference_type
scores
0
value 0.00138
scoring_system epss
scoring_elements 0.3385
published_at 2026-04-21T12:55:00Z
1
value 0.00138
scoring_system epss
scoring_elements 0.33882
published_at 2026-04-12T12:55:00Z
2
value 0.00138
scoring_system epss
scoring_elements 0.33858
published_at 2026-04-13T12:55:00Z
3
value 0.00138
scoring_system epss
scoring_elements 0.33896
published_at 2026-04-16T12:55:00Z
4
value 0.00138
scoring_system epss
scoring_elements 0.33881
published_at 2026-04-18T12:55:00Z
5
value 0.00138
scoring_system epss
scoring_elements 0.33621
published_at 2026-04-01T12:55:00Z
6
value 0.00138
scoring_system epss
scoring_elements 0.33965
published_at 2026-04-02T12:55:00Z
7
value 0.00138
scoring_system epss
scoring_elements 0.33997
published_at 2026-04-04T12:55:00Z
8
value 0.00138
scoring_system epss
scoring_elements 0.33851
published_at 2026-04-07T12:55:00Z
9
value 0.00138
scoring_system epss
scoring_elements 0.33893
published_at 2026-04-08T12:55:00Z
10
value 0.00138
scoring_system epss
scoring_elements 0.33925
published_at 2026-04-09T12:55:00Z
11
value 0.00138
scoring_system epss
scoring_elements 0.33924
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7760
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1348645
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1348645
2
reference_url https://www.mozilla.org/security/advisories/mfsa2017-15/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-15/
3
reference_url https://www.mozilla.org/security/advisories/mfsa2017-16/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-16/
4
reference_url http://www.securityfocus.com/bid/99057
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/99057
5
reference_url http://www.securitytracker.com/id/1038689
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1038689
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-7760
reference_id CVE-2017-7760
reference_type
scores
0
value 4.6
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:P/I:P/A:P
1
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2017-7760
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-15
reference_id mfsa2017-15
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-15
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-16
reference_id mfsa2017-16
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-16
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2017-7760
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4rpa-nwnh-b3h3
29
url VCID-4sv2-j8zg-xkhf
vulnerability_id VCID-4sv2-j8zg-xkhf
summary When running, the updater service wrote status and log files to an unrestricted location; potentially allowing an unprivileged process to locate and exploit a vulnerability in file handling in the updater service. *Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17009.json
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17009.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-17009
reference_id
reference_type
scores
0
value 0.00144
scoring_system epss
scoring_elements 0.34687
published_at 2026-04-21T12:55:00Z
1
value 0.00144
scoring_system epss
scoring_elements 0.3477
published_at 2026-04-11T12:55:00Z
2
value 0.00144
scoring_system epss
scoring_elements 0.34731
published_at 2026-04-12T12:55:00Z
3
value 0.00144
scoring_system epss
scoring_elements 0.34708
published_at 2026-04-13T12:55:00Z
4
value 0.00144
scoring_system epss
scoring_elements 0.34742
published_at 2026-04-16T12:55:00Z
5
value 0.00144
scoring_system epss
scoring_elements 0.34727
published_at 2026-04-18T12:55:00Z
6
value 0.00144
scoring_system epss
scoring_elements 0.34579
published_at 2026-04-01T12:55:00Z
7
value 0.00144
scoring_system epss
scoring_elements 0.34792
published_at 2026-04-02T12:55:00Z
8
value 0.00144
scoring_system epss
scoring_elements 0.34818
published_at 2026-04-04T12:55:00Z
9
value 0.00144
scoring_system epss
scoring_elements 0.34695
published_at 2026-04-07T12:55:00Z
10
value 0.00144
scoring_system epss
scoring_elements 0.34738
published_at 2026-04-08T12:55:00Z
11
value 0.00144
scoring_system epss
scoring_elements 0.34766
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-17009
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1779433
reference_id 1779433
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1779433
4
reference_url https://security.archlinux.org/ASA-201912-1
reference_id ASA-201912-1
reference_type
scores
url https://security.archlinux.org/ASA-201912-1
5
reference_url https://security.archlinux.org/AVG-1071
reference_id AVG-1071
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1071
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-36
reference_id mfsa2019-36
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-36
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-37
reference_id mfsa2019-37
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-37
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-38
reference_id mfsa2019-38
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-38
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2019-17009
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4sv2-j8zg-xkhf
30
url VCID-4urd-zjpu-47ed
vulnerability_id VCID-4urd-zjpu-47ed
summary Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could lead to remote code execution.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-6870
reference_id
reference_type
scores
0
value 0.00603
scoring_system epss
scoring_elements 0.69584
published_at 2026-04-21T12:55:00Z
1
value 0.00676
scoring_system epss
scoring_elements 0.71428
published_at 2026-04-02T12:55:00Z
2
value 0.00676
scoring_system epss
scoring_elements 0.71446
published_at 2026-04-04T12:55:00Z
3
value 0.00676
scoring_system epss
scoring_elements 0.71421
published_at 2026-04-07T12:55:00Z
4
value 0.00676
scoring_system epss
scoring_elements 0.71461
published_at 2026-04-13T12:55:00Z
5
value 0.00676
scoring_system epss
scoring_elements 0.71496
published_at 2026-04-11T12:55:00Z
6
value 0.00676
scoring_system epss
scoring_elements 0.7148
published_at 2026-04-12T12:55:00Z
7
value 0.00676
scoring_system epss
scoring_elements 0.71507
published_at 2026-04-16T12:55:00Z
8
value 0.00676
scoring_system epss
scoring_elements 0.71512
published_at 2026-04-18T12:55:00Z
9
value 0.00676
scoring_system epss
scoring_elements 0.71473
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-6870
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-56
reference_id mfsa2023-56
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-56
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2023-6870
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4urd-zjpu-47ed
31
url VCID-4vps-3cxv-xyd5
vulnerability_id VCID-4vps-3cxv-xyd5
summary On Windows 10, when using the 'Save As' functionality, an attacker could have tricked the browser into saving the file with a disallowed extension such as .url by including an invalid character in the extension. *Note:* This issue only affected Windows operating systems. Other operating systems are unaffected.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5692.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5692.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-5692
reference_id
reference_type
scores
0
value 0.00316
scoring_system epss
scoring_elements 0.54726
published_at 2026-04-21T12:55:00Z
1
value 0.00316
scoring_system epss
scoring_elements 0.54742
published_at 2026-04-16T12:55:00Z
2
value 0.00316
scoring_system epss
scoring_elements 0.54745
published_at 2026-04-18T12:55:00Z
3
value 0.00413
scoring_system epss
scoring_elements 0.61521
published_at 2026-04-08T12:55:00Z
4
value 0.00413
scoring_system epss
scoring_elements 0.61475
published_at 2026-04-02T12:55:00Z
5
value 0.00413
scoring_system epss
scoring_elements 0.61503
published_at 2026-04-04T12:55:00Z
6
value 0.00413
scoring_system epss
scoring_elements 0.61473
published_at 2026-04-07T12:55:00Z
7
value 0.00413
scoring_system epss
scoring_elements 0.61536
published_at 2026-04-09T12:55:00Z
8
value 0.00413
scoring_system epss
scoring_elements 0.61524
published_at 2026-04-13T12:55:00Z
9
value 0.00413
scoring_system epss
scoring_elements 0.61544
published_at 2026-04-12T12:55:00Z
10
value 0.00413
scoring_system epss
scoring_elements 0.61557
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-5692
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2291398
reference_id 2291398
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2291398
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-25
reference_id mfsa2024-25
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-25
4
reference_url https://www.mozilla.org/security/advisories/mfsa2024-25/
reference_id mfsa2024-25
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:54:09Z/
url https://www.mozilla.org/security/advisories/mfsa2024-25/
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-26
reference_id mfsa2024-26
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-26
6
reference_url https://www.mozilla.org/security/advisories/mfsa2024-26/
reference_id mfsa2024-26
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:54:09Z/
url https://www.mozilla.org/security/advisories/mfsa2024-26/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-28
reference_id mfsa2024-28
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-28
8
reference_url https://www.mozilla.org/security/advisories/mfsa2024-28/
reference_id mfsa2024-28
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:54:09Z/
url https://www.mozilla.org/security/advisories/mfsa2024-28/
9
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1891234
reference_id show_bug.cgi?id=1891234
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:54:09Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1891234
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2024-5692
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4vps-3cxv-xyd5
32
url VCID-4w3q-eb6t-huam
vulnerability_id VCID-4w3q-eb6t-huam
summary When browsing private tabs, some data related to location history or webpage thumbnails could be persisted incorrectly within the sandboxed app bundle after app termination
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-38312
reference_id
reference_type
scores
0
value 0.00382
scoring_system epss
scoring_elements 0.59617
published_at 2026-04-21T12:55:00Z
1
value 0.00382
scoring_system epss
scoring_elements 0.5963
published_at 2026-04-11T12:55:00Z
2
value 0.00382
scoring_system epss
scoring_elements 0.59613
published_at 2026-04-12T12:55:00Z
3
value 0.00382
scoring_system epss
scoring_elements 0.59593
published_at 2026-04-13T12:55:00Z
4
value 0.00382
scoring_system epss
scoring_elements 0.59626
published_at 2026-04-16T12:55:00Z
5
value 0.00382
scoring_system epss
scoring_elements 0.59633
published_at 2026-04-18T12:55:00Z
6
value 0.00382
scoring_system epss
scoring_elements 0.59553
published_at 2026-04-02T12:55:00Z
7
value 0.00382
scoring_system epss
scoring_elements 0.59578
published_at 2026-04-04T12:55:00Z
8
value 0.00382
scoring_system epss
scoring_elements 0.59547
published_at 2026-04-07T12:55:00Z
9
value 0.00382
scoring_system epss
scoring_elements 0.59598
published_at 2026-04-08T12:55:00Z
10
value 0.00382
scoring_system epss
scoring_elements 0.59611
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-38312
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-27
reference_id mfsa2024-27
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-27
2
reference_url https://www.mozilla.org/security/advisories/mfsa2024-27/
reference_id mfsa2024-27
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-05T19:02:31Z/
url https://www.mozilla.org/security/advisories/mfsa2024-27/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1878578
reference_id show_bug.cgi?id=1878578
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-05T19:02:31Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1878578
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2024-38312
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4w3q-eb6t-huam
33
url VCID-511n-z57u-dqhb
vulnerability_id VCID-511n-z57u-dqhb
summary Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1941.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1941.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-1941
reference_id
reference_type
scores
0
value 0.00066
scoring_system epss
scoring_elements 0.20488
published_at 2026-04-13T12:55:00Z
1
value 0.00066
scoring_system epss
scoring_elements 0.20542
published_at 2026-04-12T12:55:00Z
2
value 0.00066
scoring_system epss
scoring_elements 0.20473
published_at 2026-04-21T12:55:00Z
3
value 0.00066
scoring_system epss
scoring_elements 0.20476
published_at 2026-04-18T12:55:00Z
4
value 0.00066
scoring_system epss
scoring_elements 0.20478
published_at 2026-04-16T12:55:00Z
5
value 0.00155
scoring_system epss
scoring_elements 0.36267
published_at 2026-04-07T12:55:00Z
6
value 0.00155
scoring_system epss
scoring_elements 0.364
published_at 2026-04-02T12:55:00Z
7
value 0.00155
scoring_system epss
scoring_elements 0.36433
published_at 2026-04-04T12:55:00Z
8
value 0.00155
scoring_system epss
scoring_elements 0.36316
published_at 2026-04-08T12:55:00Z
9
value 0.00155
scoring_system epss
scoring_elements 0.36338
published_at 2026-04-09T12:55:00Z
10
value 0.00155
scoring_system epss
scoring_elements 0.36344
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-1941
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2349785
reference_id 2349785
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2349785
3
reference_url https://security.gentoo.org/glsa/202505-02
reference_id GLSA-202505-02
reference_type
scores
url https://security.gentoo.org/glsa/202505-02
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-14
reference_id mfsa2025-14
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-14
5
reference_url https://www.mozilla.org/security/advisories/mfsa2025-14/
reference_id mfsa2025-14
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-04T15:46:47Z/
url https://www.mozilla.org/security/advisories/mfsa2025-14/
6
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1944665
reference_id show_bug.cgi?id=1944665
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-04T15:46:47Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1944665
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2025-1941
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-511n-z57u-dqhb
34
url VCID-528r-jfhc-abdc
vulnerability_id VCID-528r-jfhc-abdc
summary Upon scanning a JavaScript URI with the QR code scanner, an attacker could have executed unauthorized scripts on the current top origin sites in the URL bar.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-26281
reference_id
reference_type
scores
0
value 0.0027
scoring_system epss
scoring_elements 0.50509
published_at 2026-04-21T12:55:00Z
1
value 0.0027
scoring_system epss
scoring_elements 0.50522
published_at 2026-04-11T12:55:00Z
2
value 0.0027
scoring_system epss
scoring_elements 0.50499
published_at 2026-04-12T12:55:00Z
3
value 0.0027
scoring_system epss
scoring_elements 0.50484
published_at 2026-04-13T12:55:00Z
4
value 0.0027
scoring_system epss
scoring_elements 0.50526
published_at 2026-04-16T12:55:00Z
5
value 0.0027
scoring_system epss
scoring_elements 0.50532
published_at 2026-04-18T12:55:00Z
6
value 0.0027
scoring_system epss
scoring_elements 0.50446
published_at 2026-04-02T12:55:00Z
7
value 0.0027
scoring_system epss
scoring_elements 0.50475
published_at 2026-04-04T12:55:00Z
8
value 0.0027
scoring_system epss
scoring_elements 0.50428
published_at 2026-04-07T12:55:00Z
9
value 0.0027
scoring_system epss
scoring_elements 0.50482
published_at 2026-04-08T12:55:00Z
10
value 0.0027
scoring_system epss
scoring_elements 0.50479
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-26281
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-08
reference_id mfsa2024-08
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-08
2
reference_url https://www.mozilla.org/security/advisories/mfsa2024-08/
reference_id mfsa2024-08
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T17:07:34Z/
url https://www.mozilla.org/security/advisories/mfsa2024-08/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1868005
reference_id show_bug.cgi?id=1868005
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T17:07:34Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1868005
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2024-26281
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-528r-jfhc-abdc
35
url VCID-5666-pp89-aqc2
vulnerability_id VCID-5666-pp89-aqc2
summary The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, it could have resulted in command injection and arbitrary command execution.*Note: this issue only affects Firefox on Windows operating systems.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12393.json
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12393.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-12393
reference_id
reference_type
scores
0
value 0.0048
scoring_system epss
scoring_elements 0.65113
published_at 2026-04-21T12:55:00Z
1
value 0.0048
scoring_system epss
scoring_elements 0.65084
published_at 2026-04-13T12:55:00Z
2
value 0.0048
scoring_system epss
scoring_elements 0.6512
published_at 2026-04-16T12:55:00Z
3
value 0.0048
scoring_system epss
scoring_elements 0.65129
published_at 2026-04-18T12:55:00Z
4
value 0.0048
scoring_system epss
scoring_elements 0.65001
published_at 2026-04-01T12:55:00Z
5
value 0.0048
scoring_system epss
scoring_elements 0.65051
published_at 2026-04-02T12:55:00Z
6
value 0.0048
scoring_system epss
scoring_elements 0.65077
published_at 2026-04-04T12:55:00Z
7
value 0.0048
scoring_system epss
scoring_elements 0.6504
published_at 2026-04-07T12:55:00Z
8
value 0.0048
scoring_system epss
scoring_elements 0.6509
published_at 2026-04-08T12:55:00Z
9
value 0.0048
scoring_system epss
scoring_elements 0.65103
published_at 2026-04-09T12:55:00Z
10
value 0.0048
scoring_system epss
scoring_elements 0.65122
published_at 2026-04-11T12:55:00Z
11
value 0.0048
scoring_system epss
scoring_elements 0.65112
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-12393
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1831946
reference_id 1831946
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1831946
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-16
reference_id mfsa2020-16
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-16
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-17
reference_id mfsa2020-17
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-17
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-18
reference_id mfsa2020-18
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-18
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2020-12393
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5666-pp89-aqc2
36
url VCID-566b-z61f-5kda
vulnerability_id VCID-566b-z61f-5kda
summary After selecting a malicious Windows .url shortcut from the local filesystem, an unexpected file could be uploaded. *This bug only affects Firefox on Windows. Other operating systems are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-3033
reference_id
reference_type
scores
0
value 0.00076
scoring_system epss
scoring_elements 0.22794
published_at 2026-04-21T12:55:00Z
1
value 0.00076
scoring_system epss
scoring_elements 0.22771
published_at 2026-04-07T12:55:00Z
2
value 0.00076
scoring_system epss
scoring_elements 0.22845
published_at 2026-04-08T12:55:00Z
3
value 0.00076
scoring_system epss
scoring_elements 0.22898
published_at 2026-04-09T12:55:00Z
4
value 0.00076
scoring_system epss
scoring_elements 0.22919
published_at 2026-04-11T12:55:00Z
5
value 0.00076
scoring_system epss
scoring_elements 0.22882
published_at 2026-04-12T12:55:00Z
6
value 0.00076
scoring_system epss
scoring_elements 0.22825
published_at 2026-04-13T12:55:00Z
7
value 0.00076
scoring_system epss
scoring_elements 0.22839
published_at 2026-04-16T12:55:00Z
8
value 0.00076
scoring_system epss
scoring_elements 0.22833
published_at 2026-04-18T12:55:00Z
9
value 0.00076
scoring_system epss
scoring_elements 0.22934
published_at 2026-04-02T12:55:00Z
10
value 0.00076
scoring_system epss
scoring_elements 0.22979
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-3033
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-20
reference_id mfsa2025-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-20
2
reference_url https://www.mozilla.org/security/advisories/mfsa2025-20/
reference_id mfsa2025-20
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-01T18:32:22Z/
url https://www.mozilla.org/security/advisories/mfsa2025-20/
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-23
reference_id mfsa2025-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-23
4
reference_url https://www.mozilla.org/security/advisories/mfsa2025-23/
reference_id mfsa2025-23
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-01T18:32:22Z/
url https://www.mozilla.org/security/advisories/mfsa2025-23/
5
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1950056
reference_id show_bug.cgi?id=1950056
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-01T18:32:22Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1950056
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2025-3033
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-566b-z61f-5kda
37
url VCID-57dt-91vn-pyfn
vulnerability_id VCID-57dt-91vn-pyfn
summary Multiple prompts and panels from both Firefox and the Android OS could be used to obscure the notification announcing the transition to fullscreen mode after the fix for CVE-2023-6870 in Firefox 121. This could lead to spoofing the browser UI if the sudden appearance of the prompt distracted the user from noticing the visual transition happening behind the prompt. These notifications now use the Android Toast feature. *This bug only affects Firefox on Android. Other operating systems are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-8388
reference_id
reference_type
scores
0
value 0.0046
scoring_system epss
scoring_elements 0.64174
published_at 2026-04-18T12:55:00Z
1
value 0.0046
scoring_system epss
scoring_elements 0.64128
published_at 2026-04-04T12:55:00Z
2
value 0.0046
scoring_system epss
scoring_elements 0.64087
published_at 2026-04-07T12:55:00Z
3
value 0.0046
scoring_system epss
scoring_elements 0.64138
published_at 2026-04-08T12:55:00Z
4
value 0.0046
scoring_system epss
scoring_elements 0.64153
published_at 2026-04-09T12:55:00Z
5
value 0.0046
scoring_system epss
scoring_elements 0.64165
published_at 2026-04-11T12:55:00Z
6
value 0.0046
scoring_system epss
scoring_elements 0.64154
published_at 2026-04-12T12:55:00Z
7
value 0.0046
scoring_system epss
scoring_elements 0.64125
published_at 2026-04-13T12:55:00Z
8
value 0.0046
scoring_system epss
scoring_elements 0.64162
published_at 2026-04-21T12:55:00Z
9
value 0.0046
scoring_system epss
scoring_elements 0.64101
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-8388
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://bugzilla.mozilla.org/buglist.cgi?bug_id=1839074%2C1865413%2C1868970%2C1873367%2C1877820%2C1884642%2C1886469%2C1894326%2C1894891%2C1897648
reference_id buglist.cgi?bug_id=1839074%2C1865413%2C1868970%2C1873367%2C1877820%2C1884642%2C1886469%2C1894326%2C1894891%2C1897648
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-03T15:39:33Z/
url https://bugzilla.mozilla.org/buglist.cgi?bug_id=1839074%2C1865413%2C1868970%2C1873367%2C1877820%2C1884642%2C1886469%2C1894326%2C1894891%2C1897648
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-39
reference_id mfsa2024-39
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-39
4
reference_url https://www.mozilla.org/security/advisories/mfsa2024-39/
reference_id mfsa2024-39
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-03T15:39:33Z/
url https://www.mozilla.org/security/advisories/mfsa2024-39/
5
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1902996
reference_id show_bug.cgi?id=1902996
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-03T15:39:33Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1902996
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2024-8388
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-57dt-91vn-pyfn
38
url VCID-5aga-y5nk-5fha
vulnerability_id VCID-5aga-y5nk-5fha
summary 
A locally-installed hostile program could send `WM_COPYDATA` messages that Firefox would processing incorrectly, leading to an out-of-bounds read.
*This bug only affects Firefox on Windows. Other operating systems are unaffected.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29964.json
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29964.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-29964
reference_id
reference_type
scores
0
value 0.00324
scoring_system epss
scoring_elements 0.55481
published_at 2026-04-21T12:55:00Z
1
value 0.00324
scoring_system epss
scoring_elements 0.5548
published_at 2026-04-12T12:55:00Z
2
value 0.00324
scoring_system epss
scoring_elements 0.55463
published_at 2026-04-13T12:55:00Z
3
value 0.00324
scoring_system epss
scoring_elements 0.55499
published_at 2026-04-16T12:55:00Z
4
value 0.00324
scoring_system epss
scoring_elements 0.55502
published_at 2026-04-18T12:55:00Z
5
value 0.00324
scoring_system epss
scoring_elements 0.55326
published_at 2026-04-01T12:55:00Z
6
value 0.00324
scoring_system epss
scoring_elements 0.55437
published_at 2026-04-02T12:55:00Z
7
value 0.00324
scoring_system epss
scoring_elements 0.55461
published_at 2026-04-04T12:55:00Z
8
value 0.00324
scoring_system epss
scoring_elements 0.5544
published_at 2026-04-07T12:55:00Z
9
value 0.00324
scoring_system epss
scoring_elements 0.55491
published_at 2026-04-09T12:55:00Z
10
value 0.00324
scoring_system epss
scoring_elements 0.55501
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-29964
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1966830
reference_id 1966830
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1966830
3
reference_url https://security.archlinux.org/AVG-2019
reference_id AVG-2019
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2019
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-23
reference_id mfsa2021-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-23
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-24
reference_id mfsa2021-24
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-24
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-26
reference_id mfsa2021-26
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-26
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2021-29964
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5aga-y5nk-5fha
39
url VCID-5c1p-6gjw-wkgx
vulnerability_id VCID-5c1p-6gjw-wkgx
summary 
Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12391.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12391.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-12391
reference_id
reference_type
scores
0
value 0.00547
scoring_system epss
scoring_elements 0.679
published_at 2026-04-21T12:55:00Z
1
value 0.00547
scoring_system epss
scoring_elements 0.67882
published_at 2026-04-08T12:55:00Z
2
value 0.00547
scoring_system epss
scoring_elements 0.67895
published_at 2026-04-09T12:55:00Z
3
value 0.00547
scoring_system epss
scoring_elements 0.67919
published_at 2026-04-11T12:55:00Z
4
value 0.00547
scoring_system epss
scoring_elements 0.67906
published_at 2026-04-16T12:55:00Z
5
value 0.00547
scoring_system epss
scoring_elements 0.67869
published_at 2026-04-13T12:55:00Z
6
value 0.00547
scoring_system epss
scoring_elements 0.67918
published_at 2026-04-18T12:55:00Z
7
value 0.00547
scoring_system epss
scoring_elements 0.67798
published_at 2026-04-01T12:55:00Z
8
value 0.00547
scoring_system epss
scoring_elements 0.67832
published_at 2026-04-02T12:55:00Z
9
value 0.00547
scoring_system epss
scoring_elements 0.67851
published_at 2026-04-04T12:55:00Z
10
value 0.00547
scoring_system epss
scoring_elements 0.67831
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-12391
2
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1478843
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1478843
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://www.mozilla.org/security/advisories/mfsa2018-26/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2018-26/
5
reference_url https://www.mozilla.org/security/advisories/mfsa2018-27/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2018-27/
6
reference_url https://www.mozilla.org/security/advisories/mfsa2018-28/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2018-28/
7
reference_url http://www.securityfocus.com/bid/105718
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/105718
8
reference_url http://www.securityfocus.com/bid/105769
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/105769
9
reference_url http://www.securitytracker.com/id/1041944
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1041944
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1642181
reference_id 1642181
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1642181
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-12391
reference_id CVE-2018-12391
reference_type
scores
0
value 9.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:C/I:C/A:C
1
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2018-12391
16
reference_url https://security.gentoo.org/glsa/201811-13
reference_id GLSA-201811-13
reference_type
scores
url https://security.gentoo.org/glsa/201811-13
17
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2018-26
reference_id mfsa2018-26
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2018-26
18
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2018-27
reference_id mfsa2018-27
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2018-27
19
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2018-28
reference_id mfsa2018-28
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2018-28
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2018-12391
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5c1p-6gjw-wkgx
40
url VCID-5kuc-8g2u-8baq
vulnerability_id VCID-5kuc-8g2u-8baq
summary When a link can be opened in an external application, Firefox for Android will, by default, prompt the user before doing so. An attacker could have bypassed this prompt, potentially exposing the user to security vulnerabilities or privacy leaks in external applications. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6431.json
reference_id
reference_type
scores
0
value 3.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6431.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-6431
reference_id
reference_type
scores
0
value 0.00046
scoring_system epss
scoring_elements 0.14237
published_at 2026-04-09T12:55:00Z
1
value 0.00046
scoring_system epss
scoring_elements 0.14233
published_at 2026-04-02T12:55:00Z
2
value 0.00046
scoring_system epss
scoring_elements 0.14292
published_at 2026-04-04T12:55:00Z
3
value 0.00046
scoring_system epss
scoring_elements 0.14103
published_at 2026-04-07T12:55:00Z
4
value 0.00046
scoring_system epss
scoring_elements 0.14184
published_at 2026-04-08T12:55:00Z
5
value 0.0005
scoring_system epss
scoring_elements 0.15431
published_at 2026-04-12T12:55:00Z
6
value 0.0005
scoring_system epss
scoring_elements 0.1529
published_at 2026-04-18T12:55:00Z
7
value 0.0005
scoring_system epss
scoring_elements 0.15469
published_at 2026-04-11T12:55:00Z
8
value 0.0005
scoring_system epss
scoring_elements 0.15284
published_at 2026-04-16T12:55:00Z
9
value 0.0005
scoring_system epss
scoring_elements 0.15366
published_at 2026-04-13T12:55:00Z
10
value 0.00181
scoring_system epss
scoring_elements 0.39681
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-6431
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2374564
reference_id 2374564
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2374564
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-51
reference_id mfsa2025-51
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-51
5
reference_url https://www.mozilla.org/security/advisories/mfsa2025-51/
reference_id mfsa2025-51
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T12:33:35Z/
url https://www.mozilla.org/security/advisories/mfsa2025-51/
6
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1942716
reference_id show_bug.cgi?id=1942716
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T12:33:35Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1942716
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2025-6431
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5kuc-8g2u-8baq
41
url VCID-5p2x-6brd-xfad
vulnerability_id VCID-5p2x-6brd-xfad
summary Default fonts on OS X display some Tibetan characters as whitespace. When used in the addressbar as part of an IDN this can be used for domain name spoofing attacks. *Note: This attack only affects OS X operating systems. Other operating systems are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7763
reference_id
reference_type
scores
0
value 0.00509
scoring_system epss
scoring_elements 0.66384
published_at 2026-04-21T12:55:00Z
1
value 0.00509
scoring_system epss
scoring_elements 0.66392
published_at 2026-04-11T12:55:00Z
2
value 0.00509
scoring_system epss
scoring_elements 0.66378
published_at 2026-04-12T12:55:00Z
3
value 0.00509
scoring_system epss
scoring_elements 0.66348
published_at 2026-04-13T12:55:00Z
4
value 0.00509
scoring_system epss
scoring_elements 0.66383
published_at 2026-04-16T12:55:00Z
5
value 0.00509
scoring_system epss
scoring_elements 0.66399
published_at 2026-04-18T12:55:00Z
6
value 0.00509
scoring_system epss
scoring_elements 0.66274
published_at 2026-04-01T12:55:00Z
7
value 0.00509
scoring_system epss
scoring_elements 0.66313
published_at 2026-04-02T12:55:00Z
8
value 0.00509
scoring_system epss
scoring_elements 0.6634
published_at 2026-04-04T12:55:00Z
9
value 0.00509
scoring_system epss
scoring_elements 0.6631
published_at 2026-04-07T12:55:00Z
10
value 0.00509
scoring_system epss
scoring_elements 0.66358
published_at 2026-04-08T12:55:00Z
11
value 0.00509
scoring_system epss
scoring_elements 0.66372
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7763
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1360309
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1360309
2
reference_url https://www.mozilla.org/security/advisories/mfsa2017-15/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-15/
3
reference_url https://www.mozilla.org/security/advisories/mfsa2017-16/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-16/
4
reference_url https://www.mozilla.org/security/advisories/mfsa2017-17/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-17/
5
reference_url http://www.securityfocus.com/bid/99057
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/99057
6
reference_url http://www.securitytracker.com/id/1038689
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1038689
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-7763
reference_id CVE-2017-7763
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2017-7763
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-15
reference_id mfsa2017-15
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-15
14
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-16
reference_id mfsa2017-16
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-16
15
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-17
reference_id mfsa2017-17
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-17
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2017-7763
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5p2x-6brd-xfad
42
url VCID-5srb-q1nd-1qfh
vulnerability_id VCID-5srb-q1nd-1qfh
summary A buffer overflow occurs when drawing and validating elements using Direct 3D 9 with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash. *Note: This attack only affects Windows operating systems. Other operating systems are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7845
reference_id
reference_type
scores
0
value 0.00763
scoring_system epss
scoring_elements 0.73447
published_at 2026-04-21T12:55:00Z
1
value 0.00763
scoring_system epss
scoring_elements 0.73431
published_at 2026-04-11T12:55:00Z
2
value 0.00763
scoring_system epss
scoring_elements 0.7341
published_at 2026-04-12T12:55:00Z
3
value 0.00763
scoring_system epss
scoring_elements 0.73403
published_at 2026-04-13T12:55:00Z
4
value 0.00763
scoring_system epss
scoring_elements 0.73445
published_at 2026-04-16T12:55:00Z
5
value 0.00763
scoring_system epss
scoring_elements 0.73453
published_at 2026-04-18T12:55:00Z
6
value 0.00763
scoring_system epss
scoring_elements 0.73352
published_at 2026-04-01T12:55:00Z
7
value 0.00763
scoring_system epss
scoring_elements 0.73362
published_at 2026-04-02T12:55:00Z
8
value 0.00763
scoring_system epss
scoring_elements 0.73386
published_at 2026-04-04T12:55:00Z
9
value 0.00763
scoring_system epss
scoring_elements 0.73357
published_at 2026-04-07T12:55:00Z
10
value 0.00763
scoring_system epss
scoring_elements 0.73394
published_at 2026-04-08T12:55:00Z
11
value 0.00763
scoring_system epss
scoring_elements 0.73407
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7845
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1402372
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1402372
2
reference_url https://www.mozilla.org/security/advisories/mfsa2017-28/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-28/
3
reference_url https://www.mozilla.org/security/advisories/mfsa2017-29/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-29/
4
reference_url https://www.mozilla.org/security/advisories/mfsa2017-30/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-30/
5
reference_url http://www.securityfocus.com/bid/102115
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/102115
6
reference_url http://www.securitytracker.com/id/1040123
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1040123
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-7845
reference_id CVE-2017-7845
reference_type
scores
0
value 9.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:C/I:C/A:C
1
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2017-7845
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-28
reference_id mfsa2017-28
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-28
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-29
reference_id mfsa2017-29
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-29
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-30
reference_id mfsa2017-30
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-30
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2017-7845
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5srb-q1nd-1qfh
43
url VCID-5vfr-zqvb-ykdv
vulnerability_id VCID-5vfr-zqvb-ykdv
summary Links in a sandboxed iframe could open an external app on Android without the required "allow-" permission.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-11716
reference_id
reference_type
scores
0
value 0.00028
scoring_system epss
scoring_elements 0.08104
published_at 2026-04-21T12:55:00Z
1
value 0.00028
scoring_system epss
scoring_elements 0.08018
published_at 2026-04-07T12:55:00Z
2
value 0.00028
scoring_system epss
scoring_elements 0.08079
published_at 2026-04-08T12:55:00Z
3
value 0.00028
scoring_system epss
scoring_elements 0.08102
published_at 2026-04-09T12:55:00Z
4
value 0.00028
scoring_system epss
scoring_elements 0.08092
published_at 2026-04-11T12:55:00Z
5
value 0.00028
scoring_system epss
scoring_elements 0.08072
published_at 2026-04-12T12:55:00Z
6
value 0.00028
scoring_system epss
scoring_elements 0.08056
published_at 2026-04-13T12:55:00Z
7
value 0.00028
scoring_system epss
scoring_elements 0.07961
published_at 2026-04-16T12:55:00Z
8
value 0.00028
scoring_system epss
scoring_elements 0.07945
published_at 2026-04-18T12:55:00Z
9
value 0.00028
scoring_system epss
scoring_elements 0.08014
published_at 2026-04-02T12:55:00Z
10
value 0.00028
scoring_system epss
scoring_elements 0.08058
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-11716
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-81
reference_id mfsa2025-81
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-81
2
reference_url https://www.mozilla.org/security/advisories/mfsa2025-81/
reference_id mfsa2025-81
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:21:06Z/
url https://www.mozilla.org/security/advisories/mfsa2025-81/
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-84
reference_id mfsa2025-84
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-84
4
reference_url https://www.mozilla.org/security/advisories/mfsa2025-84/
reference_id mfsa2025-84
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:21:06Z/
url https://www.mozilla.org/security/advisories/mfsa2025-84/
5
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1818679
reference_id show_bug.cgi?id=1818679
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:21:06Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1818679
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2025-11716
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5vfr-zqvb-ykdv
44
url VCID-5wtc-metc-wfb1
vulnerability_id VCID-5wtc-metc-wfb1
summary If an insecure element was added to a page after a delay, Firefox would not replace the secure icon with a mixed content security status
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-31392
reference_id
reference_type
scores
0
value 0.00475
scoring_system epss
scoring_elements 0.64832
published_at 2026-04-21T12:55:00Z
1
value 0.00475
scoring_system epss
scoring_elements 0.64835
published_at 2026-04-11T12:55:00Z
2
value 0.00475
scoring_system epss
scoring_elements 0.64824
published_at 2026-04-12T12:55:00Z
3
value 0.00475
scoring_system epss
scoring_elements 0.64796
published_at 2026-04-13T12:55:00Z
4
value 0.00475
scoring_system epss
scoring_elements 0.64834
published_at 2026-04-16T12:55:00Z
5
value 0.00475
scoring_system epss
scoring_elements 0.64845
published_at 2026-04-18T12:55:00Z
6
value 0.00475
scoring_system epss
scoring_elements 0.64763
published_at 2026-04-02T12:55:00Z
7
value 0.00475
scoring_system epss
scoring_elements 0.64792
published_at 2026-04-04T12:55:00Z
8
value 0.00475
scoring_system epss
scoring_elements 0.64755
published_at 2026-04-07T12:55:00Z
9
value 0.00475
scoring_system epss
scoring_elements 0.64804
published_at 2026-04-08T12:55:00Z
10
value 0.00475
scoring_system epss
scoring_elements 0.64819
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-31392
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-17
reference_id mfsa2024-17
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-17
2
reference_url https://www.mozilla.org/security/advisories/mfsa2024-17/
reference_id mfsa2024-17
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-30T16:15:24Z/
url https://www.mozilla.org/security/advisories/mfsa2024-17/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1875925
reference_id show_bug.cgi?id=1875925
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-30T16:15:24Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1875925
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2024-31392
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5wtc-metc-wfb1
45
url VCID-5zmj-5xkc-zkgc
vulnerability_id VCID-5zmj-5xkc-zkgc
summary A vulnerability exists in the Windows sandbox where an uninitialized value in memory can be leaked to a renderer from a broker when making a call to access an otherwise unavailable file. This results in the potential leaking of information stored at that memory location. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11694.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11694.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-11694
reference_id
reference_type
scores
0
value 0.00398
scoring_system epss
scoring_elements 0.60616
published_at 2026-04-21T12:55:00Z
1
value 0.00398
scoring_system epss
scoring_elements 0.60603
published_at 2026-04-12T12:55:00Z
2
value 0.00398
scoring_system epss
scoring_elements 0.60582
published_at 2026-04-13T12:55:00Z
3
value 0.00398
scoring_system epss
scoring_elements 0.60623
published_at 2026-04-16T12:55:00Z
4
value 0.00398
scoring_system epss
scoring_elements 0.60628
published_at 2026-04-18T12:55:00Z
5
value 0.00398
scoring_system epss
scoring_elements 0.60458
published_at 2026-04-01T12:55:00Z
6
value 0.00398
scoring_system epss
scoring_elements 0.60534
published_at 2026-04-02T12:55:00Z
7
value 0.00398
scoring_system epss
scoring_elements 0.6056
published_at 2026-04-04T12:55:00Z
8
value 0.00398
scoring_system epss
scoring_elements 0.60529
published_at 2026-04-07T12:55:00Z
9
value 0.00398
scoring_system epss
scoring_elements 0.60578
published_at 2026-04-08T12:55:00Z
10
value 0.00398
scoring_system epss
scoring_elements 0.60594
published_at 2026-04-09T12:55:00Z
11
value 0.00398
scoring_system epss
scoring_elements 0.60618
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-11694
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1712620
reference_id 1712620
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1712620
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-13
reference_id mfsa2019-13
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-13
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-14
reference_id mfsa2019-14
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-14
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-15
reference_id mfsa2019-15
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-15
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2019-11694
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5zmj-5xkc-zkgc
46
url VCID-65u4-c84h-qqa1
vulnerability_id VCID-65u4-c84h-qqa1
summary Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could lead to remote code execution.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-4766
reference_id
reference_type
scores
0
value 0.00333
scoring_system epss
scoring_elements 0.56204
published_at 2026-04-21T12:55:00Z
1
value 0.00333
scoring_system epss
scoring_elements 0.56196
published_at 2026-04-04T12:55:00Z
2
value 0.00333
scoring_system epss
scoring_elements 0.56227
published_at 2026-04-08T12:55:00Z
3
value 0.00333
scoring_system epss
scoring_elements 0.56232
published_at 2026-04-09T12:55:00Z
4
value 0.00333
scoring_system epss
scoring_elements 0.56242
published_at 2026-04-11T12:55:00Z
5
value 0.00333
scoring_system epss
scoring_elements 0.56218
published_at 2026-04-12T12:55:00Z
6
value 0.00333
scoring_system epss
scoring_elements 0.56201
published_at 2026-04-13T12:55:00Z
7
value 0.00333
scoring_system epss
scoring_elements 0.56234
published_at 2026-04-16T12:55:00Z
8
value 0.00333
scoring_system epss
scoring_elements 0.56236
published_at 2026-04-18T12:55:00Z
9
value 0.00333
scoring_system epss
scoring_elements 0.56175
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-4766
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://security.gentoo.org/glsa/202408-02
reference_id GLSA-202408-02
reference_type
scores
url https://security.gentoo.org/glsa/202408-02
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-21
reference_id mfsa2024-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-21
4
reference_url https://www.mozilla.org/security/advisories/mfsa2024-21/
reference_id mfsa2024-21
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-24T16:35:57Z/
url https://www.mozilla.org/security/advisories/mfsa2024-21/
5
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1871214
reference_id show_bug.cgi?id=1871214
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-24T16:35:57Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1871214
6
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1871217
reference_id show_bug.cgi?id=1871217
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-24T16:35:57Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1871217
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2024-4766
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-65u4-c84h-qqa1
47
url VCID-6rpt-16pv-yfar
vulnerability_id VCID-6rpt-16pv-yfar
summary The Firefox installer on Windows can be made to load malicious DLL files stored in the same directory as the installer when it is run. This allows privileged execution if the installer is run with elevated privileges. *Note: This attack only affects Windows operating systems. Other operating systems are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7755
reference_id
reference_type
scores
0
value 0.00765
scoring_system epss
scoring_elements 0.73477
published_at 2026-04-21T12:55:00Z
1
value 0.00765
scoring_system epss
scoring_elements 0.7346
published_at 2026-04-11T12:55:00Z
2
value 0.00765
scoring_system epss
scoring_elements 0.7344
published_at 2026-04-12T12:55:00Z
3
value 0.00765
scoring_system epss
scoring_elements 0.73432
published_at 2026-04-13T12:55:00Z
4
value 0.00765
scoring_system epss
scoring_elements 0.73475
published_at 2026-04-16T12:55:00Z
5
value 0.00765
scoring_system epss
scoring_elements 0.73484
published_at 2026-04-18T12:55:00Z
6
value 0.00765
scoring_system epss
scoring_elements 0.73383
published_at 2026-04-01T12:55:00Z
7
value 0.00765
scoring_system epss
scoring_elements 0.73391
published_at 2026-04-02T12:55:00Z
8
value 0.00765
scoring_system epss
scoring_elements 0.73414
published_at 2026-04-04T12:55:00Z
9
value 0.00765
scoring_system epss
scoring_elements 0.73386
published_at 2026-04-07T12:55:00Z
10
value 0.00765
scoring_system epss
scoring_elements 0.73423
published_at 2026-04-08T12:55:00Z
11
value 0.00765
scoring_system epss
scoring_elements 0.73437
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7755
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1361326
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1361326
2
reference_url https://www.mozilla.org/security/advisories/mfsa2017-15/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-15/
3
reference_url https://www.mozilla.org/security/advisories/mfsa2017-16/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-16/
4
reference_url https://www.mozilla.org/security/advisories/mfsa2017-17/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-17/
5
reference_url http://www.securityfocus.com/bid/99057
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/99057
6
reference_url http://www.securitytracker.com/id/1038689
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1038689
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-7755
reference_id CVE-2017-7755
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
1
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2017-7755
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-15
reference_id mfsa2017-15
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-15
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-16
reference_id mfsa2017-16
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-16
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-17
reference_id mfsa2017-17
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-17
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2017-7755
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6rpt-16pv-yfar
48
url VCID-6uth-8k3d-7qdj
vulnerability_id VCID-6uth-8k3d-7qdj
summary 
Multiple vulnerabilities have been found in Mozilla Firefox, the
    worst of which may allow execution of arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12381.json
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12381.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-12381
reference_id
reference_type
scores
0
value 0.00637
scoring_system epss
scoring_elements 0.7053
published_at 2026-04-18T12:55:00Z
1
value 0.00637
scoring_system epss
scoring_elements 0.70479
published_at 2026-04-13T12:55:00Z
2
value 0.00637
scoring_system epss
scoring_elements 0.70522
published_at 2026-04-16T12:55:00Z
3
value 0.00637
scoring_system epss
scoring_elements 0.70415
published_at 2026-04-01T12:55:00Z
4
value 0.00637
scoring_system epss
scoring_elements 0.70429
published_at 2026-04-02T12:55:00Z
5
value 0.00637
scoring_system epss
scoring_elements 0.70446
published_at 2026-04-04T12:55:00Z
6
value 0.00637
scoring_system epss
scoring_elements 0.70424
published_at 2026-04-07T12:55:00Z
7
value 0.00637
scoring_system epss
scoring_elements 0.70469
published_at 2026-04-08T12:55:00Z
8
value 0.00637
scoring_system epss
scoring_elements 0.70485
published_at 2026-04-09T12:55:00Z
9
value 0.00637
scoring_system epss
scoring_elements 0.70509
published_at 2026-04-21T12:55:00Z
10
value 0.00637
scoring_system epss
scoring_elements 0.70494
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-12381
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1625529
reference_id 1625529
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1625529
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2018-20
reference_id mfsa2018-20
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2018-20
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2018-21
reference_id mfsa2018-21
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2018-21
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2018-12381
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6uth-8k3d-7qdj
49
url VCID-6zjy-1agk-nbd9
vulnerability_id VCID-6zjy-1agk-nbd9
summary Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5174.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5174.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-5174
reference_id
reference_type
scores
0
value 0.00445
scoring_system epss
scoring_elements 0.63452
published_at 2026-04-21T12:55:00Z
1
value 0.00445
scoring_system epss
scoring_elements 0.63466
published_at 2026-04-18T12:55:00Z
2
value 0.00445
scoring_system epss
scoring_elements 0.63397
published_at 2026-04-02T12:55:00Z
3
value 0.00445
scoring_system epss
scoring_elements 0.63458
published_at 2026-04-16T12:55:00Z
4
value 0.00445
scoring_system epss
scoring_elements 0.6346
published_at 2026-04-12T12:55:00Z
5
value 0.00445
scoring_system epss
scoring_elements 0.63476
published_at 2026-04-11T12:55:00Z
6
value 0.00445
scoring_system epss
scoring_elements 0.6339
published_at 2026-04-07T12:55:00Z
7
value 0.00445
scoring_system epss
scoring_elements 0.63441
published_at 2026-04-08T12:55:00Z
8
value 0.00445
scoring_system epss
scoring_elements 0.63424
published_at 2026-04-13T12:55:00Z
9
value 0.00445
scoring_system epss
scoring_elements 0.63459
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-5174
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2240895
reference_id 2240895
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2240895
3
reference_url https://security.gentoo.org/glsa/202402-25
reference_id GLSA-202402-25
reference_type
scores
url https://security.gentoo.org/glsa/202402-25
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-41
reference_id mfsa2023-41
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-41
5
reference_url https://www.mozilla.org/security/advisories/mfsa2023-41/
reference_id mfsa2023-41
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:08Z/
url https://www.mozilla.org/security/advisories/mfsa2023-41/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-42
reference_id mfsa2023-42
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-42
7
reference_url https://www.mozilla.org/security/advisories/mfsa2023-42/
reference_id mfsa2023-42
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:08Z/
url https://www.mozilla.org/security/advisories/mfsa2023-42/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-43
reference_id mfsa2023-43
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-43
9
reference_url https://www.mozilla.org/security/advisories/mfsa2023-43/
reference_id mfsa2023-43
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:08Z/
url https://www.mozilla.org/security/advisories/mfsa2023-43/
10
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1848454
reference_id show_bug.cgi?id=1848454
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:08Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1848454
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2023-5174
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6zjy-1agk-nbd9
50
url VCID-754j-7erb-z7ae
vulnerability_id VCID-754j-7erb-z7ae
summary Mozilla Firefox's update mechanism allowed a medium-integrity user process to interfere with the SYSTEM-level updater by manipulating the file-locking behavior. By injecting code into the user-privileged process, an attacker could bypass intended access controls, allowing SYSTEM-level file operations on paths controlled by a non-privileged user and enabling privilege escalation.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-2817.json
reference_id
reference_type
scores
0
value 8.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-2817.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-2817
reference_id
reference_type
scores
0
value 0.00378
scoring_system epss
scoring_elements 0.59359
published_at 2026-04-21T12:55:00Z
1
value 0.00378
scoring_system epss
scoring_elements 0.59378
published_at 2026-04-18T12:55:00Z
2
value 0.00378
scoring_system epss
scoring_elements 0.59326
published_at 2026-04-04T12:55:00Z
3
value 0.00378
scoring_system epss
scoring_elements 0.59339
published_at 2026-04-13T12:55:00Z
4
value 0.00378
scoring_system epss
scoring_elements 0.59357
published_at 2026-04-12T12:55:00Z
5
value 0.00378
scoring_system epss
scoring_elements 0.59374
published_at 2026-04-11T12:55:00Z
6
value 0.00378
scoring_system epss
scoring_elements 0.59354
published_at 2026-04-09T12:55:00Z
7
value 0.00378
scoring_system epss
scoring_elements 0.59341
published_at 2026-04-08T12:55:00Z
8
value 0.00378
scoring_system epss
scoring_elements 0.59291
published_at 2026-04-07T12:55:00Z
9
value 0.00378
scoring_system epss
scoring_elements 0.59303
published_at 2026-04-02T12:55:00Z
10
value 0.00378
scoring_system epss
scoring_elements 0.59372
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-2817
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2362902
reference_id 2362902
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2362902
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-28
reference_id mfsa2025-28
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-28
5
reference_url https://www.mozilla.org/security/advisories/mfsa2025-28/
reference_id mfsa2025-28
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-29T14:20:44Z/
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:27Z/
url https://www.mozilla.org/security/advisories/mfsa2025-28/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-29
reference_id mfsa2025-29
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-29
7
reference_url https://www.mozilla.org/security/advisories/mfsa2025-29/
reference_id mfsa2025-29
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:27Z/
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-29T14:20:44Z/
url https://www.mozilla.org/security/advisories/mfsa2025-29/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-30
reference_id mfsa2025-30
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-30
9
reference_url https://www.mozilla.org/security/advisories/mfsa2025-30/
reference_id mfsa2025-30
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-29T14:20:44Z/
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:27Z/
url https://www.mozilla.org/security/advisories/mfsa2025-30/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-31
reference_id mfsa2025-31
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-31
11
reference_url https://www.mozilla.org/security/advisories/mfsa2025-31/
reference_id mfsa2025-31
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:27Z/
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-29T14:20:44Z/
url https://www.mozilla.org/security/advisories/mfsa2025-31/
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-32
reference_id mfsa2025-32
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-32
13
reference_url https://www.mozilla.org/security/advisories/mfsa2025-32/
reference_id mfsa2025-32
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-29T14:20:44Z/
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:27Z/
url https://www.mozilla.org/security/advisories/mfsa2025-32/
14
reference_url https://access.redhat.com/errata/RHSA-2025:4443
reference_id RHSA-2025:4443
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4443
15
reference_url https://access.redhat.com/errata/RHSA-2025:4458
reference_id RHSA-2025:4458
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4458
16
reference_url https://access.redhat.com/errata/RHSA-2025:4460
reference_id RHSA-2025:4460
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4460
17
reference_url https://access.redhat.com/errata/RHSA-2025:4751
reference_id RHSA-2025:4751
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4751
18
reference_url https://access.redhat.com/errata/RHSA-2025:4752
reference_id RHSA-2025:4752
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4752
19
reference_url https://access.redhat.com/errata/RHSA-2025:4753
reference_id RHSA-2025:4753
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4753
20
reference_url https://access.redhat.com/errata/RHSA-2025:4756
reference_id RHSA-2025:4756
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4756
21
reference_url https://access.redhat.com/errata/RHSA-2025:4797
reference_id RHSA-2025:4797
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4797
22
reference_url https://access.redhat.com/errata/RHSA-2025:7428
reference_id RHSA-2025:7428
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7428
23
reference_url https://access.redhat.com/errata/RHSA-2025:7506
reference_id RHSA-2025:7506
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7506
24
reference_url https://access.redhat.com/errata/RHSA-2025:7507
reference_id RHSA-2025:7507
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7507
25
reference_url https://access.redhat.com/errata/RHSA-2025:7543
reference_id RHSA-2025:7543
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7543
26
reference_url https://access.redhat.com/errata/RHSA-2025:7544
reference_id RHSA-2025:7544
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7544
27
reference_url https://access.redhat.com/errata/RHSA-2025:7545
reference_id RHSA-2025:7545
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7545
28
reference_url https://access.redhat.com/errata/RHSA-2025:7547
reference_id RHSA-2025:7547
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7547
29
reference_url https://access.redhat.com/errata/RHSA-2025:7689
reference_id RHSA-2025:7689
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7689
30
reference_url https://access.redhat.com/errata/RHSA-2025:7690
reference_id RHSA-2025:7690
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7690
31
reference_url https://access.redhat.com/errata/RHSA-2025:7691
reference_id RHSA-2025:7691
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7691
32
reference_url https://access.redhat.com/errata/RHSA-2025:7692
reference_id RHSA-2025:7692
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7692
33
reference_url https://access.redhat.com/errata/RHSA-2025:7693
reference_id RHSA-2025:7693
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7693
34
reference_url https://access.redhat.com/errata/RHSA-2025:7694
reference_id RHSA-2025:7694
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7694
35
reference_url https://access.redhat.com/errata/RHSA-2025:7695
reference_id RHSA-2025:7695
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7695
36
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1917536
reference_id show_bug.cgi?id=1917536
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:27Z/
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-29T14:20:44Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1917536
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2025-2817
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-754j-7erb-z7ae
51
url VCID-7939-5qcd-tqgg
vulnerability_id VCID-7939-5qcd-tqgg
summary Modification of specific WebGL shader attributes could trigger an out-of-bounds read, which, when chained with other vulnerabilities, could be used to escalate privileges.*This bug only affects Firefox for macOS. Other versions of Firefox are unaffected.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4082.json
reference_id
reference_type
scores
0
value 7.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4082.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-4082
reference_id
reference_type
scores
0
value 0.00335
scoring_system epss
scoring_elements 0.56392
published_at 2026-04-21T12:55:00Z
1
value 0.00335
scoring_system epss
scoring_elements 0.5642
published_at 2026-04-18T12:55:00Z
2
value 0.00335
scoring_system epss
scoring_elements 0.56382
published_at 2026-04-04T12:55:00Z
3
value 0.00335
scoring_system epss
scoring_elements 0.56406
published_at 2026-04-12T12:55:00Z
4
value 0.00335
scoring_system epss
scoring_elements 0.56431
published_at 2026-04-11T12:55:00Z
5
value 0.00335
scoring_system epss
scoring_elements 0.56418
published_at 2026-04-09T12:55:00Z
6
value 0.00335
scoring_system epss
scoring_elements 0.56413
published_at 2026-04-08T12:55:00Z
7
value 0.00335
scoring_system epss
scoring_elements 0.56362
published_at 2026-04-07T12:55:00Z
8
value 0.00335
scoring_system epss
scoring_elements 0.56359
published_at 2026-04-02T12:55:00Z
9
value 0.00335
scoring_system epss
scoring_elements 0.56419
published_at 2026-04-16T12:55:00Z
10
value 0.00335
scoring_system epss
scoring_elements 0.56387
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-4082
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2362903
reference_id 2362903
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2362903
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-28
reference_id mfsa2025-28
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-28
5
reference_url https://www.mozilla.org/security/advisories/mfsa2025-28/
reference_id mfsa2025-28
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:28Z/
url https://www.mozilla.org/security/advisories/mfsa2025-28/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-29
reference_id mfsa2025-29
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-29
7
reference_url https://www.mozilla.org/security/advisories/mfsa2025-29/
reference_id mfsa2025-29
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:28Z/
url https://www.mozilla.org/security/advisories/mfsa2025-29/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-30
reference_id mfsa2025-30
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-30
9
reference_url https://www.mozilla.org/security/advisories/mfsa2025-30/
reference_id mfsa2025-30
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:28Z/
url https://www.mozilla.org/security/advisories/mfsa2025-30/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-31
reference_id mfsa2025-31
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-31
11
reference_url https://www.mozilla.org/security/advisories/mfsa2025-31/
reference_id mfsa2025-31
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:28Z/
url https://www.mozilla.org/security/advisories/mfsa2025-31/
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-32
reference_id mfsa2025-32
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-32
13
reference_url https://www.mozilla.org/security/advisories/mfsa2025-32/
reference_id mfsa2025-32
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:28Z/
url https://www.mozilla.org/security/advisories/mfsa2025-32/
14
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1937097
reference_id show_bug.cgi?id=1937097
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:28Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1937097
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2025-4082
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7939-5qcd-tqgg
52
url VCID-7ej3-csq2-9ycp
vulnerability_id VCID-7ej3-csq2-9ycp
summary When a user downloaded a file in Firefox for Android, if a cookie is set, it would have been re-sent during a subsequent file download operation on the same domain, regardless of whether the original and subsequent request were in private and non-private browsing modes.*Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-26955
reference_id
reference_type
scores
0
value 0.00284
scoring_system epss
scoring_elements 0.5184
published_at 2026-04-21T12:55:00Z
1
value 0.00284
scoring_system epss
scoring_elements 0.51707
published_at 2026-04-01T12:55:00Z
2
value 0.00284
scoring_system epss
scoring_elements 0.51756
published_at 2026-04-02T12:55:00Z
3
value 0.00284
scoring_system epss
scoring_elements 0.51782
published_at 2026-04-04T12:55:00Z
4
value 0.00284
scoring_system epss
scoring_elements 0.51742
published_at 2026-04-07T12:55:00Z
5
value 0.00284
scoring_system epss
scoring_elements 0.51797
published_at 2026-04-08T12:55:00Z
6
value 0.00284
scoring_system epss
scoring_elements 0.51794
published_at 2026-04-09T12:55:00Z
7
value 0.00284
scoring_system epss
scoring_elements 0.51845
published_at 2026-04-11T12:55:00Z
8
value 0.00284
scoring_system epss
scoring_elements 0.51824
published_at 2026-04-12T12:55:00Z
9
value 0.00284
scoring_system epss
scoring_elements 0.51809
published_at 2026-04-13T12:55:00Z
10
value 0.00284
scoring_system epss
scoring_elements 0.51852
published_at 2026-04-16T12:55:00Z
11
value 0.00284
scoring_system epss
scoring_elements 0.51859
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-26955
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-50
reference_id mfsa2020-50
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-50
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2020-26955
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7ej3-csq2-9ycp
53
url VCID-7fvy-7hpe-kbej
vulnerability_id VCID-7fvy-7hpe-kbej
summary Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38492.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38492.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-38492
reference_id
reference_type
scores
0
value 0.00406
scoring_system epss
scoring_elements 0.61091
published_at 2026-04-21T12:55:00Z
1
value 0.00406
scoring_system epss
scoring_elements 0.61009
published_at 2026-04-07T12:55:00Z
2
value 0.00406
scoring_system epss
scoring_elements 0.61057
published_at 2026-04-08T12:55:00Z
3
value 0.00406
scoring_system epss
scoring_elements 0.61073
published_at 2026-04-09T12:55:00Z
4
value 0.00406
scoring_system epss
scoring_elements 0.61094
published_at 2026-04-11T12:55:00Z
5
value 0.00406
scoring_system epss
scoring_elements 0.61081
published_at 2026-04-12T12:55:00Z
6
value 0.00406
scoring_system epss
scoring_elements 0.61061
published_at 2026-04-13T12:55:00Z
7
value 0.00406
scoring_system epss
scoring_elements 0.61103
published_at 2026-04-16T12:55:00Z
8
value 0.00406
scoring_system epss
scoring_elements 0.61108
published_at 2026-04-18T12:55:00Z
9
value 0.00406
scoring_system epss
scoring_elements 0.60938
published_at 2026-04-01T12:55:00Z
10
value 0.00406
scoring_system epss
scoring_elements 0.61015
published_at 2026-04-02T12:55:00Z
11
value 0.00406
scoring_system epss
scoring_elements 0.61044
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-38492
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2002118
reference_id 2002118
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2002118
4
reference_url https://security.archlinux.org/AVG-2351
reference_id AVG-2351
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2351
5
reference_url https://security.archlinux.org/AVG-2353
reference_id AVG-2353
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2353
6
reference_url https://security.gentoo.org/glsa/202208-14
reference_id GLSA-202208-14
reference_type
scores
url https://security.gentoo.org/glsa/202208-14
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-38
reference_id mfsa2021-38
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-38
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-39
reference_id mfsa2021-39
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-39
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-40
reference_id mfsa2021-40
reference_type
scores
0
value low
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-40
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-41
reference_id mfsa2021-41
reference_type
scores
0
value low
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-41
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-42
reference_id mfsa2021-42
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-42
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2021-38492
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7fvy-7hpe-kbej
54
url VCID-7jjr-g2uj-wqdr
vulnerability_id VCID-7jjr-g2uj-wqdr
summary An attacker could have executed unauthorized scripts on top origin sites using a JavaScript URI when opening an external URL with a custom Firefox scheme.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-26283
reference_id
reference_type
scores
0
value 0.00127
scoring_system epss
scoring_elements 0.32069
published_at 2026-04-21T12:55:00Z
1
value 0.00127
scoring_system epss
scoring_elements 0.32155
published_at 2026-04-11T12:55:00Z
2
value 0.00127
scoring_system epss
scoring_elements 0.32117
published_at 2026-04-12T12:55:00Z
3
value 0.00127
scoring_system epss
scoring_elements 0.32085
published_at 2026-04-13T12:55:00Z
4
value 0.00127
scoring_system epss
scoring_elements 0.32119
published_at 2026-04-16T12:55:00Z
5
value 0.00127
scoring_system epss
scoring_elements 0.32096
published_at 2026-04-18T12:55:00Z
6
value 0.00127
scoring_system epss
scoring_elements 0.32212
published_at 2026-04-02T12:55:00Z
7
value 0.00127
scoring_system epss
scoring_elements 0.32249
published_at 2026-04-04T12:55:00Z
8
value 0.00127
scoring_system epss
scoring_elements 0.32073
published_at 2026-04-07T12:55:00Z
9
value 0.00127
scoring_system epss
scoring_elements 0.32124
published_at 2026-04-08T12:55:00Z
10
value 0.00127
scoring_system epss
scoring_elements 0.32151
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-26283
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-08
reference_id mfsa2024-08
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-08
2
reference_url https://www.mozilla.org/security/advisories/mfsa2024-08/
reference_id mfsa2024-08
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-15T20:32:46Z/
url https://www.mozilla.org/security/advisories/mfsa2024-08/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1850158
reference_id show_bug.cgi?id=1850158
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-15T20:32:46Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1850158
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2024-26283
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7jjr-g2uj-wqdr
55
url VCID-7taq-vg8p-f3dj
vulnerability_id VCID-7taq-vg8p-f3dj
summary Android intents can be used to launch Firefox for Android in reader mode with a user specified URL. This allows an attacker to spoof the contents of the addressbar as displayed to users. *Note: This attack only affects Firefox for Android. Other operating systems are not affected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-5463
reference_id
reference_type
scores
0
value 0.0077
scoring_system epss
scoring_elements 0.73559
published_at 2026-04-21T12:55:00Z
1
value 0.0077
scoring_system epss
scoring_elements 0.73462
published_at 2026-04-01T12:55:00Z
2
value 0.0077
scoring_system epss
scoring_elements 0.73512
published_at 2026-04-13T12:55:00Z
3
value 0.0077
scoring_system epss
scoring_elements 0.73555
published_at 2026-04-16T12:55:00Z
4
value 0.0077
scoring_system epss
scoring_elements 0.73565
published_at 2026-04-18T12:55:00Z
5
value 0.0077
scoring_system epss
scoring_elements 0.73471
published_at 2026-04-02T12:55:00Z
6
value 0.0077
scoring_system epss
scoring_elements 0.73493
published_at 2026-04-04T12:55:00Z
7
value 0.0077
scoring_system epss
scoring_elements 0.73465
published_at 2026-04-07T12:55:00Z
8
value 0.0077
scoring_system epss
scoring_elements 0.73501
published_at 2026-04-08T12:55:00Z
9
value 0.0077
scoring_system epss
scoring_elements 0.73515
published_at 2026-04-09T12:55:00Z
10
value 0.0077
scoring_system epss
scoring_elements 0.73538
published_at 2026-04-11T12:55:00Z
11
value 0.0077
scoring_system epss
scoring_elements 0.73519
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-5463
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1338867
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1338867
2
reference_url https://www.mozilla.org/security/advisories/mfsa2017-10/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-10/
3
reference_url http://www.securityfocus.com/bid/97940
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/97940
4
reference_url http://www.securitytracker.com/id/1038320
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1038320
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-5463
reference_id CVE-2017-5463
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2017-5463
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-10
reference_id mfsa2017-10
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-10
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2017-5463
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7taq-vg8p-f3dj
56
url VCID-7u5b-uzd5-7kdc
vulnerability_id VCID-7u5b-uzd5-7kdc
summary Certain WebGL operations on Apple silicon M series devices could have lead to an out-of-bounds write and memory corruption due to a flaw in Apple's GPU driver. *This bug only affected the application on Apple M series hardware. Other platforms were unaffected.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11691.json
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11691.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-11691
reference_id
reference_type
scores
0
value 0.00161
scoring_system epss
scoring_elements 0.37069
published_at 2026-04-09T12:55:00Z
1
value 0.00161
scoring_system epss
scoring_elements 0.37056
published_at 2026-04-08T12:55:00Z
2
value 0.00161
scoring_system epss
scoring_elements 0.37063
published_at 2026-04-16T12:55:00Z
3
value 0.00161
scoring_system epss
scoring_elements 0.37017
published_at 2026-04-13T12:55:00Z
4
value 0.00161
scoring_system epss
scoring_elements 0.37044
published_at 2026-04-12T12:55:00Z
5
value 0.00161
scoring_system epss
scoring_elements 0.37078
published_at 2026-04-11T12:55:00Z
6
value 0.00161
scoring_system epss
scoring_elements 0.37143
published_at 2026-04-02T12:55:00Z
7
value 0.00161
scoring_system epss
scoring_elements 0.37175
published_at 2026-04-04T12:55:00Z
8
value 0.00161
scoring_system epss
scoring_elements 0.37005
published_at 2026-04-07T12:55:00Z
9
value 0.00219
scoring_system epss
scoring_elements 0.44625
published_at 2026-04-18T12:55:00Z
10
value 0.00219
scoring_system epss
scoring_elements 0.44555
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-11691
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2328940
reference_id 2328940
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2328940
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-63
reference_id mfsa2024-63
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-63
5
reference_url https://www.mozilla.org/security/advisories/mfsa2024-63/
reference_id mfsa2024-63
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-30T04:55:57Z/
url https://www.mozilla.org/security/advisories/mfsa2024-63/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-64
reference_id mfsa2024-64
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-64
7
reference_url https://www.mozilla.org/security/advisories/mfsa2024-64/
reference_id mfsa2024-64
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-30T04:55:57Z/
url https://www.mozilla.org/security/advisories/mfsa2024-64/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-65
reference_id mfsa2024-65
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-65
9
reference_url https://www.mozilla.org/security/advisories/mfsa2024-65/
reference_id mfsa2024-65
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-30T04:55:57Z/
url https://www.mozilla.org/security/advisories/mfsa2024-65/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-67
reference_id mfsa2024-67
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-67
11
reference_url https://www.mozilla.org/security/advisories/mfsa2024-67/
reference_id mfsa2024-67
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-30T04:55:57Z/
url https://www.mozilla.org/security/advisories/mfsa2024-67/
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-68
reference_id mfsa2024-68
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-68
13
reference_url https://www.mozilla.org/security/advisories/mfsa2024-68/
reference_id mfsa2024-68
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-30T04:55:57Z/
url https://www.mozilla.org/security/advisories/mfsa2024-68/
14
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-70
reference_id mfsa2024-70
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-70
15
reference_url https://www.mozilla.org/security/advisories/mfsa2024-70/
reference_id mfsa2024-70
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-30T04:55:57Z/
url https://www.mozilla.org/security/advisories/mfsa2024-70/
16
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1914707
reference_id show_bug.cgi?id=1914707
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-30T04:55:57Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1914707
17
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1924184
reference_id show_bug.cgi?id=1924184
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-30T04:55:57Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1924184
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2024-11691
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7u5b-uzd5-7kdc
57
url VCID-7xh6-s1h4-dbhw
vulnerability_id VCID-7xh6-s1h4-dbhw
summary
references
0
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
reference_id mfsa2026-30
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
1
reference_url https://www.mozilla.org/security/advisories/mfsa2026-30/
reference_id mfsa2026-30
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:06:08Z/
url https://www.mozilla.org/security/advisories/mfsa2026-30/
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
reference_id mfsa2026-32
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-32
3
reference_url https://www.mozilla.org/security/advisories/mfsa2026-32/
reference_id mfsa2026-32
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:06:08Z/
url https://www.mozilla.org/security/advisories/mfsa2026-32/
4
reference_url https://www.mozilla.org/security/advisories/mfsa2026-33/
reference_id mfsa2026-33
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:06:08Z/
url https://www.mozilla.org/security/advisories/mfsa2026-33/
5
reference_url https://www.mozilla.org/security/advisories/mfsa2026-34/
reference_id mfsa2026-34
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:06:08Z/
url https://www.mozilla.org/security/advisories/mfsa2026-34/
6
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2016164
reference_id show_bug.cgi?id=2016164
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:06:08Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2016164
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
aliases CVE-2026-6759
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7xh6-s1h4-dbhw
58
url VCID-7zbd-n414-43b7
vulnerability_id VCID-7zbd-n414-43b7
summary If cursor visibility is toggled by script using from 'none' to an image and back through script, the cursor will be rendered temporarily invisible within Firefox. *Note: This vulnerability only affects OS X. Other operating systems are not affected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-5110
reference_id
reference_type
scores
0
value 0.00981
scoring_system epss
scoring_elements 0.76814
published_at 2026-04-21T12:55:00Z
1
value 0.00981
scoring_system epss
scoring_elements 0.76719
published_at 2026-04-01T12:55:00Z
2
value 0.00981
scoring_system epss
scoring_elements 0.76776
published_at 2026-04-13T12:55:00Z
3
value 0.00981
scoring_system epss
scoring_elements 0.76817
published_at 2026-04-16T12:55:00Z
4
value 0.00981
scoring_system epss
scoring_elements 0.76822
published_at 2026-04-18T12:55:00Z
5
value 0.00981
scoring_system epss
scoring_elements 0.76722
published_at 2026-04-02T12:55:00Z
6
value 0.00981
scoring_system epss
scoring_elements 0.76751
published_at 2026-04-04T12:55:00Z
7
value 0.00981
scoring_system epss
scoring_elements 0.76733
published_at 2026-04-07T12:55:00Z
8
value 0.00981
scoring_system epss
scoring_elements 0.76764
published_at 2026-04-08T12:55:00Z
9
value 0.00981
scoring_system epss
scoring_elements 0.76775
published_at 2026-04-09T12:55:00Z
10
value 0.00981
scoring_system epss
scoring_elements 0.76804
published_at 2026-04-11T12:55:00Z
11
value 0.00981
scoring_system epss
scoring_elements 0.76784
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-5110
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1423275
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1423275
2
reference_url https://www.mozilla.org/security/advisories/mfsa2018-02/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2018-02/
3
reference_url http://www.securityfocus.com/bid/102786
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/102786
4
reference_url http://www.securitytracker.com/id/1040270
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1040270
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
reference_id cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-5110
reference_id CVE-2018-5110
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2018-5110
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2018-02
reference_id mfsa2018-02
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2018-02
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2018-5110
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7zbd-n414-43b7
59
url VCID-84nu-ma7v-efd1
vulnerability_id VCID-84nu-ma7v-efd1
summary When scanning QR codes, Firefox for Android would have allowed navigation to some URLs that do not point to web content.*This bug only affects Firefox for Android. Other operating systems are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-22749
reference_id
reference_type
scores
0
value 0.00308
scoring_system epss
scoring_elements 0.54067
published_at 2026-04-21T12:55:00Z
1
value 0.00308
scoring_system epss
scoring_elements 0.53975
published_at 2026-04-02T12:55:00Z
2
value 0.00308
scoring_system epss
scoring_elements 0.54076
published_at 2026-04-11T12:55:00Z
3
value 0.00308
scoring_system epss
scoring_elements 0.54058
published_at 2026-04-12T12:55:00Z
4
value 0.00308
scoring_system epss
scoring_elements 0.5404
published_at 2026-04-13T12:55:00Z
5
value 0.00308
scoring_system epss
scoring_elements 0.5408
published_at 2026-04-16T12:55:00Z
6
value 0.00308
scoring_system epss
scoring_elements 0.54085
published_at 2026-04-18T12:55:00Z
7
value 0.00308
scoring_system epss
scoring_elements 0.54002
published_at 2026-04-04T12:55:00Z
8
value 0.00308
scoring_system epss
scoring_elements 0.53978
published_at 2026-04-07T12:55:00Z
9
value 0.00308
scoring_system epss
scoring_elements 0.5403
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-22749
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-01
reference_id mfsa2022-01
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-01
2
reference_url https://www.mozilla.org/security/advisories/mfsa2022-01/
reference_id mfsa2022-01
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:51:30Z/
url https://www.mozilla.org/security/advisories/mfsa2022-01/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1705094
reference_id show_bug.cgi?id=1705094
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:51:30Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1705094
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2022-22749
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-84nu-ma7v-efd1
60
url VCID-89nm-zgtp-cqc1
vulnerability_id VCID-89nm-zgtp-cqc1
summary The Gecko Media Plugin sandbox allows access to local files that match specific regular expressions. On OS OX, this matching allows access to some data in subdirectories of /private/var that could expose personal or temporary data. This has been updated to not allow access to /private/var and its subdirectories. *Note: this issue only affects OS X. Other operating systems are not affected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-5425
reference_id
reference_type
scores
0
value 0.00468
scoring_system epss
scoring_elements 0.64501
published_at 2026-04-21T12:55:00Z
1
value 0.00468
scoring_system epss
scoring_elements 0.64502
published_at 2026-04-11T12:55:00Z
2
value 0.00468
scoring_system epss
scoring_elements 0.64491
published_at 2026-04-12T12:55:00Z
3
value 0.00468
scoring_system epss
scoring_elements 0.64463
published_at 2026-04-13T12:55:00Z
4
value 0.00468
scoring_system epss
scoring_elements 0.64497
published_at 2026-04-16T12:55:00Z
5
value 0.00468
scoring_system epss
scoring_elements 0.64509
published_at 2026-04-18T12:55:00Z
6
value 0.00468
scoring_system epss
scoring_elements 0.64379
published_at 2026-04-01T12:55:00Z
7
value 0.00468
scoring_system epss
scoring_elements 0.64434
published_at 2026-04-02T12:55:00Z
8
value 0.00468
scoring_system epss
scoring_elements 0.64464
published_at 2026-04-04T12:55:00Z
9
value 0.00468
scoring_system epss
scoring_elements 0.64423
published_at 2026-04-07T12:55:00Z
10
value 0.00468
scoring_system epss
scoring_elements 0.64471
published_at 2026-04-08T12:55:00Z
11
value 0.00468
scoring_system epss
scoring_elements 0.64487
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-5425
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1322716
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1322716
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://www.mozilla.org/security/advisories/mfsa2017-05/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-05/
4
reference_url https://www.mozilla.org/security/advisories/mfsa2017-09/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-09/
5
reference_url http://www.securityfocus.com/bid/96692
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/96692
6
reference_url http://www.securitytracker.com/id/1037966
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037966
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-5425
reference_id CVE-2017-5425
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2017-5425
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-05
reference_id mfsa2017-05
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-05
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-09
reference_id mfsa2017-09
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-09
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2017-5425
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-89nm-zgtp-cqc1
61
url VCID-8b6h-ptgc-3yfs
vulnerability_id VCID-8b6h-ptgc-3yfs
summary Malicious scripts that interrupt new tab page loading could cause desynchronization between the address bar and page content, allowing the attacker to spoof arbitrary HTML under a trusted domain.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2032
reference_id
reference_type
scores
0
value 0.00033
scoring_system epss
scoring_elements 0.0966
published_at 2026-04-21T12:55:00Z
1
value 0.00033
scoring_system epss
scoring_elements 0.09566
published_at 2026-04-02T12:55:00Z
2
value 0.00033
scoring_system epss
scoring_elements 0.09661
published_at 2026-04-11T12:55:00Z
3
value 0.00033
scoring_system epss
scoring_elements 0.09629
published_at 2026-04-12T12:55:00Z
4
value 0.00033
scoring_system epss
scoring_elements 0.09613
published_at 2026-04-13T12:55:00Z
5
value 0.00033
scoring_system epss
scoring_elements 0.09504
published_at 2026-04-16T12:55:00Z
6
value 0.00033
scoring_system epss
scoring_elements 0.09509
published_at 2026-04-18T12:55:00Z
7
value 0.00033
scoring_system epss
scoring_elements 0.09617
published_at 2026-04-04T12:55:00Z
8
value 0.00033
scoring_system epss
scoring_elements 0.09528
published_at 2026-04-07T12:55:00Z
9
value 0.00033
scoring_system epss
scoring_elements 0.09601
published_at 2026-04-08T12:55:00Z
10
value 0.00033
scoring_system epss
scoring_elements 0.0965
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2032
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-09
reference_id mfsa2026-09
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-09
2
reference_url https://www.mozilla.org/security/advisories/mfsa2026-09/
reference_id mfsa2026-09
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-17T14:49:33Z/
url https://www.mozilla.org/security/advisories/mfsa2026-09/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2012152
reference_id show_bug.cgi?id=2012152
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-17T14:49:33Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2012152
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2026-2032
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8b6h-ptgc-3yfs
62
url VCID-8bvd-y3qe-8qfk
vulnerability_id VCID-8bvd-y3qe-8qfk
summary The Mozilla Maintenance Service does not guard against files being hardlinked to another file in the updates directory, allowing for the replacement of local files, including the Maintenance Service executable, which is run with privileged access. Additionally, there was a race condition during checks for junctions and symbolic links by the Maintenance Service, allowing for potential local file and directory manipulation to be undetected in some circumstances. This allows for potential privilege escalation by a user with unprivileged local access. *Note: These attacks requires local system access and only affects Windows. Other operating systems are not affected.*
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11736.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11736.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-11736
reference_id
reference_type
scores
0
value 0.00057
scoring_system epss
scoring_elements 0.17705
published_at 2026-04-21T12:55:00Z
1
value 0.00057
scoring_system epss
scoring_elements 0.17804
published_at 2026-04-11T12:55:00Z
2
value 0.00057
scoring_system epss
scoring_elements 0.17758
published_at 2026-04-12T12:55:00Z
3
value 0.00057
scoring_system epss
scoring_elements 0.17711
published_at 2026-04-13T12:55:00Z
4
value 0.00057
scoring_system epss
scoring_elements 0.17657
published_at 2026-04-16T12:55:00Z
5
value 0.00057
scoring_system epss
scoring_elements 0.17665
published_at 2026-04-18T12:55:00Z
6
value 0.00057
scoring_system epss
scoring_elements 0.17727
published_at 2026-04-01T12:55:00Z
7
value 0.00057
scoring_system epss
scoring_elements 0.17888
published_at 2026-04-02T12:55:00Z
8
value 0.00057
scoring_system epss
scoring_elements 0.17941
published_at 2026-04-04T12:55:00Z
9
value 0.00057
scoring_system epss
scoring_elements 0.17642
published_at 2026-04-07T12:55:00Z
10
value 0.00057
scoring_system epss
scoring_elements 0.1773
published_at 2026-04-08T12:55:00Z
11
value 0.00057
scoring_system epss
scoring_elements 0.17791
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-11736
4
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1551913
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1551913
5
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1552206
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1552206
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://www.mozilla.org/security/advisories/mfsa2019-25/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2019-25/
8
reference_url https://www.mozilla.org/security/advisories/mfsa2019-26/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2019-26/
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1748662
reference_id 1748662
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1748662
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-11736
reference_id CVE-2019-11736
reference_type
scores
0
value 4.4
scoring_system cvssv2
scoring_elements AV:L/AC:M/Au:N/C:P/I:P/A:P
1
value 7.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2019-11736
14
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-25
reference_id mfsa2019-25
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-25
15
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-26
reference_id mfsa2019-26
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-26
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2019-11736
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8bvd-y3qe-8qfk
63
url VCID-8gzb-8g1n-yqfw
vulnerability_id VCID-8gzb-8g1n-yqfw
summary If a specific sequence of actions is performed when opening a new tab, the triggering principal associated with the new tab may have been incorrect. The triggering principal is used to calculate many values, including the Referer and Sec-* headers, meaning there is the potential for incorrect security checks within the browser in addition to incorrect or misleading information sent to remote websites.*This bug only affects Firefox for Android. Other versions of Firefox are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-5687
reference_id
reference_type
scores
0
value 0.00607
scoring_system epss
scoring_elements 0.69691
published_at 2026-04-21T12:55:00Z
1
value 0.00607
scoring_system epss
scoring_elements 0.6969
published_at 2026-04-11T12:55:00Z
2
value 0.00607
scoring_system epss
scoring_elements 0.69675
published_at 2026-04-12T12:55:00Z
3
value 0.00607
scoring_system epss
scoring_elements 0.69661
published_at 2026-04-13T12:55:00Z
4
value 0.00607
scoring_system epss
scoring_elements 0.69702
published_at 2026-04-16T12:55:00Z
5
value 0.00607
scoring_system epss
scoring_elements 0.6971
published_at 2026-04-18T12:55:00Z
6
value 0.00607
scoring_system epss
scoring_elements 0.69606
published_at 2026-04-02T12:55:00Z
7
value 0.00607
scoring_system epss
scoring_elements 0.69622
published_at 2026-04-04T12:55:00Z
8
value 0.00607
scoring_system epss
scoring_elements 0.69601
published_at 2026-04-07T12:55:00Z
9
value 0.00607
scoring_system epss
scoring_elements 0.69652
published_at 2026-04-08T12:55:00Z
10
value 0.00607
scoring_system epss
scoring_elements 0.69668
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-5687
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-25
reference_id mfsa2024-25
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-25
2
reference_url https://www.mozilla.org/security/advisories/mfsa2024-25/
reference_id mfsa2024-25
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-11T16:11:54Z/
url https://www.mozilla.org/security/advisories/mfsa2024-25/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1889066
reference_id show_bug.cgi?id=1889066
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-11T16:11:54Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1889066
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2024-5687
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8gzb-8g1n-yqfw
64
url VCID-8hgj-7cb6-fbbp
vulnerability_id VCID-8hgj-7cb6-fbbp
summary A race condition is present in the crash generation server used to generate data for the crash reporter. This issue can lead to a use-after-free in the main process, resulting in a potentially exploitable crash and a sandbox escape. *Note: this vulnerability only affects Windows. Other operating systems are unaffected.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9818.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9818.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-9818
reference_id
reference_type
scores
0
value 0.00343
scoring_system epss
scoring_elements 0.57007
published_at 2026-04-18T12:55:00Z
1
value 0.00343
scoring_system epss
scoring_elements 0.57024
published_at 2026-04-11T12:55:00Z
2
value 0.00343
scoring_system epss
scoring_elements 0.57004
published_at 2026-04-12T12:55:00Z
3
value 0.00343
scoring_system epss
scoring_elements 0.5698
published_at 2026-04-13T12:55:00Z
4
value 0.00343
scoring_system epss
scoring_elements 0.57009
published_at 2026-04-16T12:55:00Z
5
value 0.00343
scoring_system epss
scoring_elements 0.56865
published_at 2026-04-01T12:55:00Z
6
value 0.00343
scoring_system epss
scoring_elements 0.56962
published_at 2026-04-02T12:55:00Z
7
value 0.00343
scoring_system epss
scoring_elements 0.56983
published_at 2026-04-21T12:55:00Z
8
value 0.00343
scoring_system epss
scoring_elements 0.56959
published_at 2026-04-07T12:55:00Z
9
value 0.00343
scoring_system epss
scoring_elements 0.5701
published_at 2026-04-08T12:55:00Z
10
value 0.00343
scoring_system epss
scoring_elements 0.57012
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-9818
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1712627
reference_id 1712627
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1712627
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-13
reference_id mfsa2019-13
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-13
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-14
reference_id mfsa2019-14
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-14
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-15
reference_id mfsa2019-15
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-15
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2019-9818
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8hgj-7cb6-fbbp
65
url VCID-8wa6-ce1p-fbh8
vulnerability_id VCID-8wa6-ce1p-fbh8
summary In private browsing mode on Firefox for Android, favicons are cached in the cache/icons folder as they are in non-private mode. This allows information leakage of sites visited during private browsing sessions. *Note: this issue only affects Firefox for Android. Desktop versions of Firefox are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-12400
reference_id
reference_type
scores
0
value 0.00259
scoring_system epss
scoring_elements 0.49294
published_at 2026-04-21T12:55:00Z
1
value 0.00259
scoring_system epss
scoring_elements 0.49221
published_at 2026-04-01T12:55:00Z
2
value 0.00259
scoring_system epss
scoring_elements 0.49275
published_at 2026-04-12T12:55:00Z
3
value 0.00259
scoring_system epss
scoring_elements 0.49327
published_at 2026-04-16T12:55:00Z
4
value 0.00259
scoring_system epss
scoring_elements 0.49324
published_at 2026-04-18T12:55:00Z
5
value 0.00259
scoring_system epss
scoring_elements 0.49252
published_at 2026-04-02T12:55:00Z
6
value 0.00259
scoring_system epss
scoring_elements 0.4928
published_at 2026-04-13T12:55:00Z
7
value 0.00259
scoring_system epss
scoring_elements 0.49232
published_at 2026-04-07T12:55:00Z
8
value 0.00259
scoring_system epss
scoring_elements 0.49287
published_at 2026-04-08T12:55:00Z
9
value 0.00259
scoring_system epss
scoring_elements 0.49283
published_at 2026-04-09T12:55:00Z
10
value 0.00259
scoring_system epss
scoring_elements 0.49301
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-12400
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1448305
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1448305
2
reference_url https://www.mozilla.org/security/advisories/mfsa2018-26/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2018-26/
3
reference_url http://www.securityfocus.com/bid/105721
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/105721
4
reference_url http://www.securitytracker.com/id/1041944
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1041944
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-12400
reference_id CVE-2018-12400
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2018-12400
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2018-26
reference_id mfsa2018-26
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2018-26
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2018-12400
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8wa6-ce1p-fbh8
66
url VCID-8x12-urec-77e2
vulnerability_id VCID-8x12-urec-77e2
summary When transitioning in and out of fullscreen mode, a graphics object was not correctly protected; resulting in memory corruption and a potentially exploitable crash.*This bug only affects Firefox on MacOS. Other operating systems are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-4128
reference_id
reference_type
scores
0
value 0.00234
scoring_system epss
scoring_elements 0.46242
published_at 2026-04-21T12:55:00Z
1
value 0.00234
scoring_system epss
scoring_elements 0.46182
published_at 2026-04-07T12:55:00Z
2
value 0.00234
scoring_system epss
scoring_elements 0.46238
published_at 2026-04-08T12:55:00Z
3
value 0.00234
scoring_system epss
scoring_elements 0.4624
published_at 2026-04-09T12:55:00Z
4
value 0.00234
scoring_system epss
scoring_elements 0.46263
published_at 2026-04-11T12:55:00Z
5
value 0.00234
scoring_system epss
scoring_elements 0.46235
published_at 2026-04-12T12:55:00Z
6
value 0.00234
scoring_system epss
scoring_elements 0.46245
published_at 2026-04-13T12:55:00Z
7
value 0.00234
scoring_system epss
scoring_elements 0.46302
published_at 2026-04-16T12:55:00Z
8
value 0.00234
scoring_system epss
scoring_elements 0.46298
published_at 2026-04-18T12:55:00Z
9
value 0.00352
scoring_system epss
scoring_elements 0.57529
published_at 2026-04-01T12:55:00Z
10
value 0.00352
scoring_system epss
scoring_elements 0.57613
published_at 2026-04-02T12:55:00Z
11
value 0.00352
scoring_system epss
scoring_elements 0.57634
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-4128
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-52
reference_id mfsa2021-52
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-52
2
reference_url https://www.mozilla.org/security/advisories/mfsa2021-52/
reference_id mfsa2021-52
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:57:08Z/
url https://www.mozilla.org/security/advisories/mfsa2021-52/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1735852
reference_id show_bug.cgi?id=1735852
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T15:57:08Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1735852
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2021-4128
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8x12-urec-77e2
67
url VCID-92b6-64g1-3kbn
vulnerability_id VCID-92b6-64g1-3kbn
summary When redirecting to an invalid protocol scheme, an attacker could spoof the address bar. *Note: This issue only affected Android operating systems. Other operating systems are unaffected.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0244.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0244.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-0244
reference_id
reference_type
scores
0
value 0.07489
scoring_system epss
scoring_elements 0.918
published_at 2026-04-18T12:55:00Z
1
value 0.07489
scoring_system epss
scoring_elements 0.91755
published_at 2026-04-02T12:55:00Z
2
value 0.07489
scoring_system epss
scoring_elements 0.91808
published_at 2026-04-16T12:55:00Z
3
value 0.07489
scoring_system epss
scoring_elements 0.91792
published_at 2026-04-12T12:55:00Z
4
value 0.07489
scoring_system epss
scoring_elements 0.91791
published_at 2026-04-11T12:55:00Z
5
value 0.07489
scoring_system epss
scoring_elements 0.91788
published_at 2026-04-13T12:55:00Z
6
value 0.07489
scoring_system epss
scoring_elements 0.91761
published_at 2026-04-04T12:55:00Z
7
value 0.07489
scoring_system epss
scoring_elements 0.91781
published_at 2026-04-08T12:55:00Z
8
value 0.07489
scoring_system epss
scoring_elements 0.91768
published_at 2026-04-07T12:55:00Z
9
value 0.07678
scoring_system epss
scoring_elements 0.91917
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-0244
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2336187
reference_id 2336187
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2336187
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-01
reference_id mfsa2025-01
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-01
5
reference_url https://www.mozilla.org/security/advisories/mfsa2025-01/
reference_id mfsa2025-01
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T15:16:18Z/
url https://www.mozilla.org/security/advisories/mfsa2025-01/
6
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1929584
reference_id show_bug.cgi?id=1929584
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T15:16:18Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1929584
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2025-0244
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-92b6-64g1-3kbn
68
url VCID-942z-zc2a-n3cc
vulnerability_id VCID-942z-zc2a-n3cc
summary Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could result in arbitrary code execution.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-45413
reference_id
reference_type
scores
0
value 0.00169
scoring_system epss
scoring_elements 0.38042
published_at 2026-04-21T12:55:00Z
1
value 0.00169
scoring_system epss
scoring_elements 0.38171
published_at 2026-04-02T12:55:00Z
2
value 0.00169
scoring_system epss
scoring_elements 0.3814
published_at 2026-04-11T12:55:00Z
3
value 0.00169
scoring_system epss
scoring_elements 0.38104
published_at 2026-04-12T12:55:00Z
4
value 0.00169
scoring_system epss
scoring_elements 0.3808
published_at 2026-04-13T12:55:00Z
5
value 0.00169
scoring_system epss
scoring_elements 0.38125
published_at 2026-04-16T12:55:00Z
6
value 0.00169
scoring_system epss
scoring_elements 0.38106
published_at 2026-04-18T12:55:00Z
7
value 0.00169
scoring_system epss
scoring_elements 0.38193
published_at 2026-04-04T12:55:00Z
8
value 0.00169
scoring_system epss
scoring_elements 0.38064
published_at 2026-04-07T12:55:00Z
9
value 0.00169
scoring_system epss
scoring_elements 0.38114
published_at 2026-04-08T12:55:00Z
10
value 0.00169
scoring_system epss
scoring_elements 0.38122
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-45413
1
reference_url https://security.gentoo.org/glsa/202211-06
reference_id GLSA-202211-06
reference_type
scores
url https://security.gentoo.org/glsa/202211-06
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-47
reference_id mfsa2022-47
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-47
3
reference_url https://www.mozilla.org/security/advisories/mfsa2022-47/
reference_id mfsa2022-47
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T15:01:41Z/
url https://www.mozilla.org/security/advisories/mfsa2022-47/
4
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1791201
reference_id show_bug.cgi?id=1791201
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T15:01:41Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1791201
5
reference_url https://usn.ubuntu.com/5726-1/
reference_id USN-5726-1
reference_type
scores
url https://usn.ubuntu.com/5726-1/
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2022-45413
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-942z-zc2a-n3cc
69
url VCID-96tr-zf8q-gkfu
vulnerability_id VCID-96tr-zf8q-gkfu
summary An attacker could have performed HTML template injection via Reader Mode and exfiltrated user information.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-49061
reference_id
reference_type
scores
0
value 0.002
scoring_system epss
scoring_elements 0.42031
published_at 2026-04-21T12:55:00Z
1
value 0.002
scoring_system epss
scoring_elements 0.42088
published_at 2026-04-02T12:55:00Z
2
value 0.002
scoring_system epss
scoring_elements 0.42116
published_at 2026-04-04T12:55:00Z
3
value 0.002
scoring_system epss
scoring_elements 0.42053
published_at 2026-04-07T12:55:00Z
4
value 0.002
scoring_system epss
scoring_elements 0.42105
published_at 2026-04-08T12:55:00Z
5
value 0.002
scoring_system epss
scoring_elements 0.42117
published_at 2026-04-09T12:55:00Z
6
value 0.002
scoring_system epss
scoring_elements 0.42138
published_at 2026-04-11T12:55:00Z
7
value 0.002
scoring_system epss
scoring_elements 0.42101
published_at 2026-04-18T12:55:00Z
8
value 0.002
scoring_system epss
scoring_elements 0.42076
published_at 2026-04-13T12:55:00Z
9
value 0.002
scoring_system epss
scoring_elements 0.42128
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-49061
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-51
reference_id mfsa2023-51
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-51
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2023-49061
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-96tr-zf8q-gkfu
70
url VCID-9bth-c8sa-mkdk
vulnerability_id VCID-9bth-c8sa-mkdk
summary An attacker could have accessed internal pages or data by ex-filtrating a security key from ReaderMode via the referrerpolicy attribute.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-49060
reference_id
reference_type
scores
0
value 0.00461
scoring_system epss
scoring_elements 0.64189
published_at 2026-04-18T12:55:00Z
1
value 0.00461
scoring_system epss
scoring_elements 0.64116
published_at 2026-04-02T12:55:00Z
2
value 0.00461
scoring_system epss
scoring_elements 0.64143
published_at 2026-04-04T12:55:00Z
3
value 0.00461
scoring_system epss
scoring_elements 0.64103
published_at 2026-04-07T12:55:00Z
4
value 0.00461
scoring_system epss
scoring_elements 0.64154
published_at 2026-04-08T12:55:00Z
5
value 0.00461
scoring_system epss
scoring_elements 0.6417
published_at 2026-04-09T12:55:00Z
6
value 0.00461
scoring_system epss
scoring_elements 0.64182
published_at 2026-04-11T12:55:00Z
7
value 0.00461
scoring_system epss
scoring_elements 0.64171
published_at 2026-04-12T12:55:00Z
8
value 0.00461
scoring_system epss
scoring_elements 0.64142
published_at 2026-04-13T12:55:00Z
9
value 0.00461
scoring_system epss
scoring_elements 0.64178
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-49060
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-51
reference_id mfsa2023-51
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-51
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2023-49060
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9bth-c8sa-mkdk
71
url VCID-9h1s-hhn8-9ydy
vulnerability_id VCID-9h1s-hhn8-9ydy
summary Using an AMP url with a canonical element, an attacker could have executed JavaScript from an opened bookmarked page.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-26282
reference_id
reference_type
scores
0
value 0.00405
scoring_system epss
scoring_elements 0.61025
published_at 2026-04-21T12:55:00Z
1
value 0.00405
scoring_system epss
scoring_elements 0.61027
published_at 2026-04-11T12:55:00Z
2
value 0.00405
scoring_system epss
scoring_elements 0.61012
published_at 2026-04-12T12:55:00Z
3
value 0.00405
scoring_system epss
scoring_elements 0.60993
published_at 2026-04-13T12:55:00Z
4
value 0.00405
scoring_system epss
scoring_elements 0.61034
published_at 2026-04-16T12:55:00Z
5
value 0.00405
scoring_system epss
scoring_elements 0.6104
published_at 2026-04-18T12:55:00Z
6
value 0.00405
scoring_system epss
scoring_elements 0.60946
published_at 2026-04-02T12:55:00Z
7
value 0.00405
scoring_system epss
scoring_elements 0.60976
published_at 2026-04-04T12:55:00Z
8
value 0.00405
scoring_system epss
scoring_elements 0.60941
published_at 2026-04-07T12:55:00Z
9
value 0.00405
scoring_system epss
scoring_elements 0.6099
published_at 2026-04-08T12:55:00Z
10
value 0.00405
scoring_system epss
scoring_elements 0.61006
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-26282
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-08
reference_id mfsa2024-08
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-08
2
reference_url https://www.mozilla.org/security/advisories/mfsa2024-08/
reference_id mfsa2024-08
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T18:20:57Z/
url https://www.mozilla.org/security/advisories/mfsa2024-08/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1863788
reference_id show_bug.cgi?id=1863788
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T18:20:57Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1863788
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2024-26282
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9h1s-hhn8-9ydy
72
url VCID-9hep-yqmw-8bg4
vulnerability_id VCID-9hep-yqmw-8bg4
summary When a new Firefox profile is created on 64-bit Windows installations, the sandbox for 64-bit NPAPI plugins is not enabled by default. *Note: This issue only affects 64-bit Windows. 32-bit Windows and other operating systems are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9072
reference_id
reference_type
scores
0
value 0.00369
scoring_system epss
scoring_elements 0.58789
published_at 2026-04-21T12:55:00Z
1
value 0.00369
scoring_system epss
scoring_elements 0.58661
published_at 2026-04-01T12:55:00Z
2
value 0.00369
scoring_system epss
scoring_elements 0.58811
published_at 2026-04-18T12:55:00Z
3
value 0.00369
scoring_system epss
scoring_elements 0.58773
published_at 2026-04-13T12:55:00Z
4
value 0.00369
scoring_system epss
scoring_elements 0.58806
published_at 2026-04-16T12:55:00Z
5
value 0.00369
scoring_system epss
scoring_elements 0.58744
published_at 2026-04-02T12:55:00Z
6
value 0.00369
scoring_system epss
scoring_elements 0.58765
published_at 2026-04-04T12:55:00Z
7
value 0.00369
scoring_system epss
scoring_elements 0.58733
published_at 2026-04-07T12:55:00Z
8
value 0.00369
scoring_system epss
scoring_elements 0.58786
published_at 2026-04-08T12:55:00Z
9
value 0.00369
scoring_system epss
scoring_elements 0.58793
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9072
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1300083
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1300083
2
reference_url https://www.mozilla.org/security/advisories/mfsa2016-89/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-89/
3
reference_url http://www.securityfocus.com/bid/94337
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94337
4
reference_url http://www.securitytracker.com/id/1037298
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037298
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:x64:*
reference_id cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:x64:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:x64:*
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9072
reference_id CVE-2016-9072
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2016-9072
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-89
reference_id mfsa2016-89
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-89
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2016-9072
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9hep-yqmw-8bg4
73
url VCID-9tnr-m8mg-3ffw
vulnerability_id VCID-9tnr-m8mg-3ffw
summary Due to insufficient escaping of the ampersand character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system.*This bug only affects Firefox for Windows. Other versions of Firefox are unaffected.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5265.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5265.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-5265
reference_id
reference_type
scores
0
value 0.00059
scoring_system epss
scoring_elements 0.18475
published_at 2026-04-21T12:55:00Z
1
value 0.00059
scoring_system epss
scoring_elements 0.18453
published_at 2026-04-18T12:55:00Z
2
value 0.00059
scoring_system epss
scoring_elements 0.18444
published_at 2026-04-16T12:55:00Z
3
value 0.00059
scoring_system epss
scoring_elements 0.18466
published_at 2026-04-07T12:55:00Z
4
value 0.00059
scoring_system epss
scoring_elements 0.18602
published_at 2026-04-11T12:55:00Z
5
value 0.00059
scoring_system epss
scoring_elements 0.186
published_at 2026-04-09T12:55:00Z
6
value 0.00059
scoring_system epss
scoring_elements 0.18547
published_at 2026-04-08T12:55:00Z
7
value 0.00059
scoring_system epss
scoring_elements 0.1875
published_at 2026-04-04T12:55:00Z
8
value 0.00059
scoring_system epss
scoring_elements 0.18696
published_at 2026-04-02T12:55:00Z
9
value 0.00059
scoring_system epss
scoring_elements 0.18502
published_at 2026-04-13T12:55:00Z
10
value 0.00059
scoring_system epss
scoring_elements 0.18555
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-5265
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2368748
reference_id 2368748
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2368748
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-42
reference_id mfsa2025-42
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-42
5
reference_url https://www.mozilla.org/security/advisories/mfsa2025-42/
reference_id mfsa2025-42
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:57Z/
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:10:15Z/
url https://www.mozilla.org/security/advisories/mfsa2025-42/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-43
reference_id mfsa2025-43
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-43
7
reference_url https://www.mozilla.org/security/advisories/mfsa2025-43/
reference_id mfsa2025-43
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:57Z/
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:10:15Z/
url https://www.mozilla.org/security/advisories/mfsa2025-43/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-44
reference_id mfsa2025-44
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-44
9
reference_url https://www.mozilla.org/security/advisories/mfsa2025-44/
reference_id mfsa2025-44
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:57Z/
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:10:15Z/
url https://www.mozilla.org/security/advisories/mfsa2025-44/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-45
reference_id mfsa2025-45
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-45
11
reference_url https://www.mozilla.org/security/advisories/mfsa2025-45/
reference_id mfsa2025-45
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:10:15Z/
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:57Z/
url https://www.mozilla.org/security/advisories/mfsa2025-45/
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-46
reference_id mfsa2025-46
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-46
13
reference_url https://www.mozilla.org/security/advisories/mfsa2025-46/
reference_id mfsa2025-46
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:57Z/
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:10:15Z/
url https://www.mozilla.org/security/advisories/mfsa2025-46/
14
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1962301
reference_id show_bug.cgi?id=1962301
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:57Z/
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:10:15Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1962301
15
reference_url https://usn.ubuntu.com/7663-1/
reference_id USN-7663-1
reference_type
scores
url https://usn.ubuntu.com/7663-1/
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2025-5265
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9tnr-m8mg-3ffw
74
url VCID-a2as-nfu2-ykax
vulnerability_id VCID-a2as-nfu2-ykax
summary Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could lead to remote code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32214.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32214.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-32214
reference_id
reference_type
scores
0
value 0.00229
scoring_system epss
scoring_elements 0.45719
published_at 2026-04-12T12:55:00Z
1
value 0.00229
scoring_system epss
scoring_elements 0.45749
published_at 2026-04-11T12:55:00Z
2
value 0.00229
scoring_system epss
scoring_elements 0.45731
published_at 2026-04-08T12:55:00Z
3
value 0.00229
scoring_system epss
scoring_elements 0.45707
published_at 2026-04-02T12:55:00Z
4
value 0.00229
scoring_system epss
scoring_elements 0.45727
published_at 2026-04-13T12:55:00Z
5
value 0.00229
scoring_system epss
scoring_elements 0.45675
published_at 2026-04-07T12:55:00Z
6
value 0.00244
scoring_system epss
scoring_elements 0.47731
published_at 2026-04-21T12:55:00Z
7
value 0.00244
scoring_system epss
scoring_elements 0.47787
published_at 2026-04-16T12:55:00Z
8
value 0.00244
scoring_system epss
scoring_elements 0.4778
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-32214
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2196743
reference_id 2196743
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2196743
3
reference_url https://security.gentoo.org/glsa/202312-03
reference_id GLSA-202312-03
reference_type
scores
url https://security.gentoo.org/glsa/202312-03
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-16
reference_id mfsa2023-16
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-16
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-17
reference_id mfsa2023-17
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-17
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-18
reference_id mfsa2023-18
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-18
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2023-32214
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a2as-nfu2-ykax
75
url VCID-a68p-hcz6-jffj
vulnerability_id VCID-a68p-hcz6-jffj
summary The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape.*Note: this issue only affects Firefox on Windows operating systems.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12388.json
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12388.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-12388
reference_id
reference_type
scores
0
value 0.0071
scoring_system epss
scoring_elements 0.72256
published_at 2026-04-21T12:55:00Z
1
value 0.0071
scoring_system epss
scoring_elements 0.72216
published_at 2026-04-13T12:55:00Z
2
value 0.0071
scoring_system epss
scoring_elements 0.72259
published_at 2026-04-16T12:55:00Z
3
value 0.0071
scoring_system epss
scoring_elements 0.72269
published_at 2026-04-18T12:55:00Z
4
value 0.0071
scoring_system epss
scoring_elements 0.72174
published_at 2026-04-07T12:55:00Z
5
value 0.0071
scoring_system epss
scoring_elements 0.72179
published_at 2026-04-02T12:55:00Z
6
value 0.0071
scoring_system epss
scoring_elements 0.722
published_at 2026-04-04T12:55:00Z
7
value 0.0071
scoring_system epss
scoring_elements 0.72211
published_at 2026-04-08T12:55:00Z
8
value 0.0071
scoring_system epss
scoring_elements 0.72223
published_at 2026-04-09T12:55:00Z
9
value 0.0071
scoring_system epss
scoring_elements 0.72247
published_at 2026-04-11T12:55:00Z
10
value 0.0071
scoring_system epss
scoring_elements 0.7223
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-12388
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1831944
reference_id 1831944
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1831944
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-16
reference_id mfsa2020-16
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-16
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-17
reference_id mfsa2020-17
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-17
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2020-12388
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a68p-hcz6-jffj
76
url VCID-a9j8-ync3-jfgy
vulnerability_id VCID-a9j8-ync3-jfgy
summary Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could lead to remote code execution.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-5758
reference_id
reference_type
scores
0
value 0.00297
scoring_system epss
scoring_elements 0.53144
published_at 2026-04-21T12:55:00Z
1
value 0.00297
scoring_system epss
scoring_elements 0.53057
published_at 2026-04-02T12:55:00Z
2
value 0.00297
scoring_system epss
scoring_elements 0.53101
published_at 2026-04-08T12:55:00Z
3
value 0.00297
scoring_system epss
scoring_elements 0.53094
published_at 2026-04-09T12:55:00Z
4
value 0.00297
scoring_system epss
scoring_elements 0.53145
published_at 2026-04-11T12:55:00Z
5
value 0.00297
scoring_system epss
scoring_elements 0.5313
published_at 2026-04-12T12:55:00Z
6
value 0.00297
scoring_system epss
scoring_elements 0.53113
published_at 2026-04-13T12:55:00Z
7
value 0.00297
scoring_system epss
scoring_elements 0.53154
published_at 2026-04-16T12:55:00Z
8
value 0.00297
scoring_system epss
scoring_elements 0.53162
published_at 2026-04-18T12:55:00Z
9
value 0.00297
scoring_system epss
scoring_elements 0.53082
published_at 2026-04-04T12:55:00Z
10
value 0.00297
scoring_system epss
scoring_elements 0.5305
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-5758
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-48
reference_id mfsa2023-48
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-48
2
reference_url https://www.mozilla.org/security/advisories/mfsa2023-48/
reference_id mfsa2023-48
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-12T14:59:16Z/
url https://www.mozilla.org/security/advisories/mfsa2023-48/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1850019
reference_id show_bug.cgi?id=1850019
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-12T14:59:16Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1850019
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2023-5758
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a9j8-ync3-jfgy
77
url VCID-aby2-r7bt-vybb
vulnerability_id VCID-aby2-r7bt-vybb
summary 
Multiple vulnerabilities have been found in Mozilla Firefox, the
    worst of which could result in the arbitrary execution of code.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-23977
reference_id
reference_type
scores
0
value 0.00372
scoring_system epss
scoring_elements 0.59012
published_at 2026-04-18T12:55:00Z
1
value 0.00372
scoring_system epss
scoring_elements 0.5887
published_at 2026-04-01T12:55:00Z
2
value 0.00372
scoring_system epss
scoring_elements 0.58992
published_at 2026-04-12T12:55:00Z
3
value 0.00372
scoring_system epss
scoring_elements 0.58974
published_at 2026-04-13T12:55:00Z
4
value 0.00372
scoring_system epss
scoring_elements 0.59008
published_at 2026-04-16T12:55:00Z
5
value 0.00372
scoring_system epss
scoring_elements 0.58945
published_at 2026-04-02T12:55:00Z
6
value 0.00372
scoring_system epss
scoring_elements 0.58968
published_at 2026-04-04T12:55:00Z
7
value 0.00372
scoring_system epss
scoring_elements 0.58934
published_at 2026-04-07T12:55:00Z
8
value 0.00372
scoring_system epss
scoring_elements 0.58986
published_at 2026-04-08T12:55:00Z
9
value 0.00372
scoring_system epss
scoring_elements 0.58991
published_at 2026-04-21T12:55:00Z
10
value 0.00372
scoring_system epss
scoring_elements 0.59011
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-23977
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://security.archlinux.org/AVG-1600
reference_id AVG-1600
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1600
3
reference_url https://security.gentoo.org/glsa/202104-10
reference_id GLSA-202104-10
reference_type
scores
url https://security.gentoo.org/glsa/202104-10
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-07
reference_id mfsa2021-07
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-07
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2021-23977
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-aby2-r7bt-vybb
78
url VCID-af5n-5ye1-s3fd
vulnerability_id VCID-af5n-5ye1-s3fd
summary Mozilla Firefox before 3.6 is vulnerable to XSS via the rendering of Cascading Style Sheets
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-2670
reference_id
reference_type
scores
0
value 0.00328
scoring_system epss
scoring_elements 0.55661
published_at 2026-04-01T12:55:00Z
1
value 0.00328
scoring_system epss
scoring_elements 0.55772
published_at 2026-04-02T12:55:00Z
2
value 0.00328
scoring_system epss
scoring_elements 0.55795
published_at 2026-04-04T12:55:00Z
3
value 0.00328
scoring_system epss
scoring_elements 0.55775
published_at 2026-04-07T12:55:00Z
4
value 0.00328
scoring_system epss
scoring_elements 0.55826
published_at 2026-04-08T12:55:00Z
5
value 0.00328
scoring_system epss
scoring_elements 0.55829
published_at 2026-04-09T12:55:00Z
6
value 0.00328
scoring_system epss
scoring_elements 0.55837
published_at 2026-04-11T12:55:00Z
7
value 0.00328
scoring_system epss
scoring_elements 0.55818
published_at 2026-04-21T12:55:00Z
8
value 0.00328
scoring_system epss
scoring_elements 0.558
published_at 2026-04-13T12:55:00Z
9
value 0.00328
scoring_system epss
scoring_elements 0.55838
published_at 2026-04-16T12:55:00Z
10
value 0.00328
scoring_system epss
scoring_elements 0.55842
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-2670
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2011-2670
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-af5n-5ye1-s3fd
79
url VCID-akhr-nck5-sfh2
vulnerability_id VCID-akhr-nck5-sfh2
summary When opening a Windows shortcut from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system.This bug only affects Thunderbird for Windows. Other operating systems are unaffected.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-36314.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-36314.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-36314
reference_id
reference_type
scores
0
value 0.00043
scoring_system epss
scoring_elements 0.13098
published_at 2026-04-21T12:55:00Z
1
value 0.00043
scoring_system epss
scoring_elements 0.13
published_at 2026-04-18T12:55:00Z
2
value 0.00043
scoring_system epss
scoring_elements 0.12997
published_at 2026-04-16T12:55:00Z
3
value 0.00043
scoring_system epss
scoring_elements 0.13219
published_at 2026-04-02T12:55:00Z
4
value 0.00043
scoring_system epss
scoring_elements 0.13096
published_at 2026-04-13T12:55:00Z
5
value 0.00043
scoring_system epss
scoring_elements 0.13148
published_at 2026-04-12T12:55:00Z
6
value 0.00043
scoring_system epss
scoring_elements 0.13185
published_at 2026-04-11T12:55:00Z
7
value 0.00043
scoring_system epss
scoring_elements 0.13217
published_at 2026-04-09T12:55:00Z
8
value 0.00043
scoring_system epss
scoring_elements 0.13165
published_at 2026-04-08T12:55:00Z
9
value 0.00043
scoring_system epss
scoring_elements 0.13285
published_at 2026-04-04T12:55:00Z
10
value 0.00043
scoring_system epss
scoring_elements 0.13084
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-36314
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2111909
reference_id 2111909
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2111909
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-28
reference_id mfsa2022-28
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-28
5
reference_url https://www.mozilla.org/security/advisories/mfsa2022-28/
reference_id mfsa2022-28
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T17:33:47Z/
url https://www.mozilla.org/security/advisories/mfsa2022-28/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-30
reference_id mfsa2022-30
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-30
7
reference_url https://www.mozilla.org/security/advisories/mfsa2022-30/
reference_id mfsa2022-30
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T17:33:47Z/
url https://www.mozilla.org/security/advisories/mfsa2022-30/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-32
reference_id mfsa2022-32
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-32
9
reference_url https://www.mozilla.org/security/advisories/mfsa2022-32/
reference_id mfsa2022-32
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T17:33:47Z/
url https://www.mozilla.org/security/advisories/mfsa2022-32/
10
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1773894
reference_id show_bug.cgi?id=1773894
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T17:33:47Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1773894
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2022-36314
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-akhr-nck5-sfh2
80
url VCID-akwm-tx92-bqfs
vulnerability_id VCID-akwm-tx92-bqfs
summary Mozilla Firefox through 1.5.0.3 has a vulnerability in processing the content-length header
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-2668
reference_id
reference_type
scores
0
value 0.00418
scoring_system epss
scoring_elements 0.61722
published_at 2026-04-01T12:55:00Z
1
value 0.00418
scoring_system epss
scoring_elements 0.61796
published_at 2026-04-07T12:55:00Z
2
value 0.00418
scoring_system epss
scoring_elements 0.61826
published_at 2026-04-04T12:55:00Z
3
value 0.00418
scoring_system epss
scoring_elements 0.61845
published_at 2026-04-08T12:55:00Z
4
value 0.00418
scoring_system epss
scoring_elements 0.6186
published_at 2026-04-09T12:55:00Z
5
value 0.00418
scoring_system epss
scoring_elements 0.61882
published_at 2026-04-21T12:55:00Z
6
value 0.00418
scoring_system epss
scoring_elements 0.6187
published_at 2026-04-12T12:55:00Z
7
value 0.00418
scoring_system epss
scoring_elements 0.6185
published_at 2026-04-13T12:55:00Z
8
value 0.00418
scoring_system epss
scoring_elements 0.61893
published_at 2026-04-16T12:55:00Z
9
value 0.00418
scoring_system epss
scoring_elements 0.61898
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-2668
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2011-2668
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-akwm-tx92-bqfs
81
url VCID-avgs-nz9j-gqg8
vulnerability_id VCID-avgs-nz9j-gqg8
summary On Windows, a compromised content process could use bad StreamData sent over AudioIPC to trigger a use-after-free in the Browser process. This could have led to a sandbox escape.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1930.json
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1930.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-1930
reference_id
reference_type
scores
0
value 0.00329
scoring_system epss
scoring_elements 0.55858
published_at 2026-04-04T12:55:00Z
1
value 0.00329
scoring_system epss
scoring_elements 0.55836
published_at 2026-04-02T12:55:00Z
2
value 0.00329
scoring_system epss
scoring_elements 0.55901
published_at 2026-04-11T12:55:00Z
3
value 0.00329
scoring_system epss
scoring_elements 0.55891
published_at 2026-04-09T12:55:00Z
4
value 0.00329
scoring_system epss
scoring_elements 0.55888
published_at 2026-04-08T12:55:00Z
5
value 0.00329
scoring_system epss
scoring_elements 0.55837
published_at 2026-04-07T12:55:00Z
6
value 0.00342
scoring_system epss
scoring_elements 0.56934
published_at 2026-04-16T12:55:00Z
7
value 0.00342
scoring_system epss
scoring_elements 0.56931
published_at 2026-04-18T12:55:00Z
8
value 0.00342
scoring_system epss
scoring_elements 0.56905
published_at 2026-04-13T12:55:00Z
9
value 0.00342
scoring_system epss
scoring_elements 0.56928
published_at 2026-04-12T12:55:00Z
10
value 0.00352
scoring_system epss
scoring_elements 0.57621
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-1930
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2349787
reference_id 2349787
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2349787
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-14
reference_id mfsa2025-14
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-14
5
reference_url https://www.mozilla.org/security/advisories/mfsa2025-14/
reference_id mfsa2025-14
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-05T16:42:08Z/
url https://www.mozilla.org/security/advisories/mfsa2025-14/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-15
reference_id mfsa2025-15
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-15
7
reference_url https://www.mozilla.org/security/advisories/mfsa2025-15/
reference_id mfsa2025-15
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-05T16:42:08Z/
url https://www.mozilla.org/security/advisories/mfsa2025-15/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-16
reference_id mfsa2025-16
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-16
9
reference_url https://www.mozilla.org/security/advisories/mfsa2025-16/
reference_id mfsa2025-16
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-05T16:42:08Z/
url https://www.mozilla.org/security/advisories/mfsa2025-16/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-17
reference_id mfsa2025-17
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-17
11
reference_url https://www.mozilla.org/security/advisories/mfsa2025-17/
reference_id mfsa2025-17
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-05T16:42:08Z/
url https://www.mozilla.org/security/advisories/mfsa2025-17/
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-18
reference_id mfsa2025-18
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-18
13
reference_url https://www.mozilla.org/security/advisories/mfsa2025-18/
reference_id mfsa2025-18
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-05T16:42:08Z/
url https://www.mozilla.org/security/advisories/mfsa2025-18/
14
reference_url https://access.redhat.com/errata/RHSA-2025:2359
reference_id RHSA-2025:2359
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:2359
15
reference_url https://access.redhat.com/errata/RHSA-2025:2452
reference_id RHSA-2025:2452
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:2452
16
reference_url https://access.redhat.com/errata/RHSA-2025:2479
reference_id RHSA-2025:2479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:2479
17
reference_url https://access.redhat.com/errata/RHSA-2025:2480
reference_id RHSA-2025:2480
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:2480
18
reference_url https://access.redhat.com/errata/RHSA-2025:2481
reference_id RHSA-2025:2481
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:2481
19
reference_url https://access.redhat.com/errata/RHSA-2025:2484
reference_id RHSA-2025:2484
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:2484
20
reference_url https://access.redhat.com/errata/RHSA-2025:2485
reference_id RHSA-2025:2485
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:2485
21
reference_url https://access.redhat.com/errata/RHSA-2025:2486
reference_id RHSA-2025:2486
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:2486
22
reference_url https://access.redhat.com/errata/RHSA-2025:2699
reference_id RHSA-2025:2699
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:2699
23
reference_url https://access.redhat.com/errata/RHSA-2025:2708
reference_id RHSA-2025:2708
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:2708
24
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1902309
reference_id show_bug.cgi?id=1902309
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-05T16:42:08Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1902309
25
reference_url https://usn.ubuntu.com/7663-1/
reference_id USN-7663-1
reference_type
scores
url https://usn.ubuntu.com/7663-1/
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2025-1930
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-avgs-nz9j-gqg8
82
url VCID-aw1p-efnf-57e1
vulnerability_id VCID-aw1p-efnf-57e1
summary Websites redirecting to a non-HTTP scheme URL could allow a website address to be spoofed for a malicious page
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-27424
reference_id
reference_type
scores
0
value 0.00035
scoring_system epss
scoring_elements 0.10523
published_at 2026-04-11T12:55:00Z
1
value 0.00035
scoring_system epss
scoring_elements 0.10427
published_at 2026-04-02T12:55:00Z
2
value 0.00035
scoring_system epss
scoring_elements 0.10495
published_at 2026-04-04T12:55:00Z
3
value 0.00035
scoring_system epss
scoring_elements 0.10355
published_at 2026-04-07T12:55:00Z
4
value 0.00035
scoring_system epss
scoring_elements 0.10428
published_at 2026-04-08T12:55:00Z
5
value 0.00035
scoring_system epss
scoring_elements 0.10492
published_at 2026-04-09T12:55:00Z
6
value 0.00326
scoring_system epss
scoring_elements 0.55621
published_at 2026-04-12T12:55:00Z
7
value 0.00379
scoring_system epss
scoring_elements 0.59463
published_at 2026-04-18T12:55:00Z
8
value 0.00379
scoring_system epss
scoring_elements 0.59457
published_at 2026-04-16T12:55:00Z
9
value 0.00379
scoring_system epss
scoring_elements 0.59425
published_at 2026-04-13T12:55:00Z
10
value 0.0039
scoring_system epss
scoring_elements 0.60064
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-27424
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-13
reference_id mfsa2025-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-13
2
reference_url https://www.mozilla.org/security/advisories/mfsa2025-13/
reference_id mfsa2025-13
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:27:30Z/
url https://www.mozilla.org/security/advisories/mfsa2025-13/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1945392
reference_id show_bug.cgi?id=1945392
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:27:30Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1945392
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2025-27424
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-aw1p-efnf-57e1
83
url VCID-ax8a-z9s4-e3dk
vulnerability_id VCID-ax8a-z9s4-e3dk
summary A vulnerability was discovered where specific command line arguments are not properly discarded during Firefox invocation as a shell handler for URLs. This could be used to retrieve and execute files whose location is supplied through these command line arguments if Firefox is configured as the default URI handler for a given URI scheme in third party applications and these applications insufficiently sanitize URL data. *Note: This issue only affects Windows operating systems. Other operating systems are unaffected.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9794.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9794.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-9794
reference_id
reference_type
scores
0
value 0.00419
scoring_system epss
scoring_elements 0.6189
published_at 2026-04-21T12:55:00Z
1
value 0.00419
scoring_system epss
scoring_elements 0.61879
published_at 2026-04-12T12:55:00Z
2
value 0.00419
scoring_system epss
scoring_elements 0.61859
published_at 2026-04-13T12:55:00Z
3
value 0.00419
scoring_system epss
scoring_elements 0.61902
published_at 2026-04-16T12:55:00Z
4
value 0.00419
scoring_system epss
scoring_elements 0.61907
published_at 2026-04-18T12:55:00Z
5
value 0.00419
scoring_system epss
scoring_elements 0.6173
published_at 2026-04-01T12:55:00Z
6
value 0.00419
scoring_system epss
scoring_elements 0.61804
published_at 2026-04-02T12:55:00Z
7
value 0.00419
scoring_system epss
scoring_elements 0.61834
published_at 2026-04-04T12:55:00Z
8
value 0.00419
scoring_system epss
scoring_elements 0.61805
published_at 2026-04-07T12:55:00Z
9
value 0.00419
scoring_system epss
scoring_elements 0.61854
published_at 2026-04-08T12:55:00Z
10
value 0.00419
scoring_system epss
scoring_elements 0.61869
published_at 2026-04-09T12:55:00Z
11
value 0.00419
scoring_system epss
scoring_elements 0.61891
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-9794
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1690679
reference_id 1690679
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1690679
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-07
reference_id mfsa2019-07
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-07
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-08
reference_id mfsa2019-08
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-08
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-11
reference_id mfsa2019-11
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-11
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2019-9794
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ax8a-z9s4-e3dk
84
url VCID-b7sc-ty24-k7gj
vulnerability_id VCID-b7sc-ty24-k7gj
summary Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could lead to remote code execution.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-4765
reference_id
reference_type
scores
0
value 0.00154
scoring_system epss
scoring_elements 0.36038
published_at 2026-04-21T12:55:00Z
1
value 0.00154
scoring_system epss
scoring_elements 0.36103
published_at 2026-04-08T12:55:00Z
2
value 0.00154
scoring_system epss
scoring_elements 0.36122
published_at 2026-04-09T12:55:00Z
3
value 0.00154
scoring_system epss
scoring_elements 0.36128
published_at 2026-04-11T12:55:00Z
4
value 0.00154
scoring_system epss
scoring_elements 0.3609
published_at 2026-04-18T12:55:00Z
5
value 0.00154
scoring_system epss
scoring_elements 0.36064
published_at 2026-04-13T12:55:00Z
6
value 0.00154
scoring_system epss
scoring_elements 0.36105
published_at 2026-04-16T12:55:00Z
7
value 0.00154
scoring_system epss
scoring_elements 0.36188
published_at 2026-04-02T12:55:00Z
8
value 0.00154
scoring_system epss
scoring_elements 0.36218
published_at 2026-04-04T12:55:00Z
9
value 0.00154
scoring_system epss
scoring_elements 0.36054
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-4765
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://security.gentoo.org/glsa/202408-02
reference_id GLSA-202408-02
reference_type
scores
url https://security.gentoo.org/glsa/202408-02
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-21
reference_id mfsa2024-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-21
4
reference_url https://www.mozilla.org/security/advisories/mfsa2024-21/
reference_id mfsa2024-21
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-08T18:46:51Z/
url https://www.mozilla.org/security/advisories/mfsa2024-21/
5
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1871109
reference_id show_bug.cgi?id=1871109
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-08T18:46:51Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1871109
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2024-4765
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b7sc-ty24-k7gj
85
url VCID-b8qk-zbj4-yfg2
vulnerability_id VCID-b8qk-zbj4-yfg2
summary When setting a thread name on Windows in WebRTC, an incorrect number of arguments could have been supplied, leading to stack corruption and a potentially exploitable crash. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13722.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13722.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-13722
reference_id
reference_type
scores
0
value 0.00356
scoring_system epss
scoring_elements 0.57873
published_at 2026-04-21T12:55:00Z
1
value 0.00356
scoring_system epss
scoring_elements 0.57888
published_at 2026-04-12T12:55:00Z
2
value 0.00356
scoring_system epss
scoring_elements 0.57867
published_at 2026-04-13T12:55:00Z
3
value 0.00356
scoring_system epss
scoring_elements 0.57897
published_at 2026-04-16T12:55:00Z
4
value 0.00356
scoring_system epss
scoring_elements 0.57896
published_at 2026-04-18T12:55:00Z
5
value 0.00356
scoring_system epss
scoring_elements 0.57759
published_at 2026-04-01T12:55:00Z
6
value 0.00356
scoring_system epss
scoring_elements 0.57843
published_at 2026-04-02T12:55:00Z
7
value 0.00356
scoring_system epss
scoring_elements 0.57863
published_at 2026-04-04T12:55:00Z
8
value 0.00356
scoring_system epss
scoring_elements 0.57839
published_at 2026-04-07T12:55:00Z
9
value 0.00356
scoring_system epss
scoring_elements 0.57893
published_at 2026-04-08T12:55:00Z
10
value 0.00356
scoring_system epss
scoring_elements 0.57895
published_at 2026-04-09T12:55:00Z
11
value 0.00356
scoring_system epss
scoring_elements 0.57911
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-13722
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1779432
reference_id 1779432
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1779432
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-36
reference_id mfsa2019-36
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-36
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-37
reference_id mfsa2019-37
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-37
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-38
reference_id mfsa2019-38
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-38
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2019-13722
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b8qk-zbj4-yfg2
86
url VCID-baq3-sm51-3qae
vulnerability_id VCID-baq3-sm51-3qae
summary An error in the WindowsDllDetourPatcher where a RWX ("Read/Write/Execute") 4k block is allocated but never protected, violating DEP protections. *Note: This attack only affects Windows operating systems. Other operating systems are not affected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7782
reference_id
reference_type
scores
0
value 0.0051
scoring_system epss
scoring_elements 0.66404
published_at 2026-04-21T12:55:00Z
1
value 0.0051
scoring_system epss
scoring_elements 0.66412
published_at 2026-04-11T12:55:00Z
2
value 0.0051
scoring_system epss
scoring_elements 0.66398
published_at 2026-04-12T12:55:00Z
3
value 0.0051
scoring_system epss
scoring_elements 0.66368
published_at 2026-04-13T12:55:00Z
4
value 0.0051
scoring_system epss
scoring_elements 0.66403
published_at 2026-04-16T12:55:00Z
5
value 0.0051
scoring_system epss
scoring_elements 0.66419
published_at 2026-04-18T12:55:00Z
6
value 0.0051
scoring_system epss
scoring_elements 0.66294
published_at 2026-04-01T12:55:00Z
7
value 0.0051
scoring_system epss
scoring_elements 0.66333
published_at 2026-04-02T12:55:00Z
8
value 0.0051
scoring_system epss
scoring_elements 0.6636
published_at 2026-04-04T12:55:00Z
9
value 0.0051
scoring_system epss
scoring_elements 0.66329
published_at 2026-04-07T12:55:00Z
10
value 0.0051
scoring_system epss
scoring_elements 0.66377
published_at 2026-04-08T12:55:00Z
11
value 0.0051
scoring_system epss
scoring_elements 0.66391
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7782
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1344034
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1344034
2
reference_url https://www.mozilla.org/security/advisories/mfsa2017-18/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-18/
3
reference_url https://www.mozilla.org/security/advisories/mfsa2017-19/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-19/
4
reference_url https://www.mozilla.org/security/advisories/mfsa2017-20/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-20/
5
reference_url http://www.securityfocus.com/bid/100243
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/100243
6
reference_url http://www.securitytracker.com/id/1039124
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1039124
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-7782
reference_id CVE-2017-7782
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2017-7782
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-18
reference_id mfsa2017-18
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-18
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-19
reference_id mfsa2017-19
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-19
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-20
reference_id mfsa2017-20
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-20
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2017-7782
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-baq3-sm51-3qae
87
url VCID-bva6-xgue-q3dh
vulnerability_id VCID-bva6-xgue-q3dh
summary In Firefox Developer Tools it is possible that pasting the result of the 'Copy as cURL' command into a command shell on macOS will cause the execution of unintended additional bash script commands if the URL was maliciously crafted. This is the result of an issue with the native version of Bash on macOS. *Note: This issue only affects macOS. Other operating systems are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-9804
reference_id
reference_type
scores
0
value 0.01151
scoring_system epss
scoring_elements 0.78522
published_at 2026-04-21T12:55:00Z
1
value 0.01151
scoring_system epss
scoring_elements 0.78449
published_at 2026-04-01T12:55:00Z
2
value 0.01151
scoring_system epss
scoring_elements 0.78455
published_at 2026-04-02T12:55:00Z
3
value 0.01151
scoring_system epss
scoring_elements 0.78486
published_at 2026-04-04T12:55:00Z
4
value 0.01151
scoring_system epss
scoring_elements 0.78469
published_at 2026-04-07T12:55:00Z
5
value 0.01151
scoring_system epss
scoring_elements 0.78496
published_at 2026-04-08T12:55:00Z
6
value 0.01151
scoring_system epss
scoring_elements 0.78501
published_at 2026-04-09T12:55:00Z
7
value 0.01151
scoring_system epss
scoring_elements 0.78526
published_at 2026-04-16T12:55:00Z
8
value 0.01151
scoring_system epss
scoring_elements 0.78506
published_at 2026-04-12T12:55:00Z
9
value 0.01151
scoring_system epss
scoring_elements 0.78499
published_at 2026-04-13T12:55:00Z
10
value 0.01151
scoring_system epss
scoring_elements 0.78525
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-9804
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-07
reference_id mfsa2019-07
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-07
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2019-9804
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bva6-xgue-q3dh
88
url VCID-c52k-tg8d-sbeg
vulnerability_id VCID-c52k-tg8d-sbeg
summary Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23599.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23599.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-23599
reference_id
reference_type
scores
0
value 0.00142
scoring_system epss
scoring_elements 0.34371
published_at 2026-04-21T12:55:00Z
1
value 0.00142
scoring_system epss
scoring_elements 0.34422
published_at 2026-04-08T12:55:00Z
2
value 0.00142
scoring_system epss
scoring_elements 0.34451
published_at 2026-04-09T12:55:00Z
3
value 0.00142
scoring_system epss
scoring_elements 0.34453
published_at 2026-04-11T12:55:00Z
4
value 0.00142
scoring_system epss
scoring_elements 0.34414
published_at 2026-04-12T12:55:00Z
5
value 0.00142
scoring_system epss
scoring_elements 0.3439
published_at 2026-04-13T12:55:00Z
6
value 0.00142
scoring_system epss
scoring_elements 0.34425
published_at 2026-04-16T12:55:00Z
7
value 0.00142
scoring_system epss
scoring_elements 0.34412
published_at 2026-04-18T12:55:00Z
8
value 0.00142
scoring_system epss
scoring_elements 0.34484
published_at 2026-04-02T12:55:00Z
9
value 0.00142
scoring_system epss
scoring_elements 0.34512
published_at 2026-04-04T12:55:00Z
10
value 0.00142
scoring_system epss
scoring_elements 0.34379
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-23599
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2162339
reference_id 2162339
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2162339
3
reference_url https://security.gentoo.org/glsa/202305-06
reference_id GLSA-202305-06
reference_type
scores
url https://security.gentoo.org/glsa/202305-06
4
reference_url https://security.gentoo.org/glsa/202305-13
reference_id GLSA-202305-13
reference_type
scores
url https://security.gentoo.org/glsa/202305-13
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-01
reference_id mfsa2023-01
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-01
6
reference_url https://www.mozilla.org/security/advisories/mfsa2023-01/
reference_id mfsa2023-01
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:21:01Z/
url https://www.mozilla.org/security/advisories/mfsa2023-01/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-02
reference_id mfsa2023-02
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-02
8
reference_url https://www.mozilla.org/security/advisories/mfsa2023-02/
reference_id mfsa2023-02
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:21:01Z/
url https://www.mozilla.org/security/advisories/mfsa2023-02/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-03
reference_id mfsa2023-03
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-03
10
reference_url https://www.mozilla.org/security/advisories/mfsa2023-03/
reference_id mfsa2023-03
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:21:01Z/
url https://www.mozilla.org/security/advisories/mfsa2023-03/
11
reference_url https://access.redhat.com/errata/RHSA-2023:0285
reference_id RHSA-2023:0285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0285
12
reference_url https://access.redhat.com/errata/RHSA-2023:0286
reference_id RHSA-2023:0286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0286
13
reference_url https://access.redhat.com/errata/RHSA-2023:0288
reference_id RHSA-2023:0288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0288
14
reference_url https://access.redhat.com/errata/RHSA-2023:0289
reference_id RHSA-2023:0289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0289
15
reference_url https://access.redhat.com/errata/RHSA-2023:0290
reference_id RHSA-2023:0290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0290
16
reference_url https://access.redhat.com/errata/RHSA-2023:0294
reference_id RHSA-2023:0294
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0294
17
reference_url https://access.redhat.com/errata/RHSA-2023:0295
reference_id RHSA-2023:0295
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0295
18
reference_url https://access.redhat.com/errata/RHSA-2023:0296
reference_id RHSA-2023:0296
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0296
19
reference_url https://access.redhat.com/errata/RHSA-2023:0456
reference_id RHSA-2023:0456
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0456
20
reference_url https://access.redhat.com/errata/RHSA-2023:0457
reference_id RHSA-2023:0457
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0457
21
reference_url https://access.redhat.com/errata/RHSA-2023:0459
reference_id RHSA-2023:0459
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0459
22
reference_url https://access.redhat.com/errata/RHSA-2023:0460
reference_id RHSA-2023:0460
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0460
23
reference_url https://access.redhat.com/errata/RHSA-2023:0461
reference_id RHSA-2023:0461
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0461
24
reference_url https://access.redhat.com/errata/RHSA-2023:0462
reference_id RHSA-2023:0462
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0462
25
reference_url https://access.redhat.com/errata/RHSA-2023:0463
reference_id RHSA-2023:0463
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0463
26
reference_url https://access.redhat.com/errata/RHSA-2023:0476
reference_id RHSA-2023:0476
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0476
27
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1777800
reference_id show_bug.cgi?id=1777800
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:21:01Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1777800
28
reference_url https://usn.ubuntu.com/5816-1/
reference_id USN-5816-1
reference_type
scores
url https://usn.ubuntu.com/5816-1/
29
reference_url https://usn.ubuntu.com/5824-1/
reference_id USN-5824-1
reference_type
scores
url https://usn.ubuntu.com/5824-1/
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2023-23599
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c52k-tg8d-sbeg
89
url VCID-c9pz-t1b3-ykf2
vulnerability_id VCID-c9pz-t1b3-ykf2
summary Firefox for Android allowed a sandboxed iframe without the allow-downloads attribute to start downloads.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-8042
reference_id
reference_type
scores
0
value 0.00067
scoring_system epss
scoring_elements 0.2075
published_at 2026-04-21T12:55:00Z
1
value 0.00067
scoring_system epss
scoring_elements 0.20949
published_at 2026-04-02T12:55:00Z
2
value 0.00067
scoring_system epss
scoring_elements 0.20877
published_at 2026-04-11T12:55:00Z
3
value 0.00067
scoring_system epss
scoring_elements 0.20834
published_at 2026-04-12T12:55:00Z
4
value 0.00067
scoring_system epss
scoring_elements 0.20782
published_at 2026-04-13T12:55:00Z
5
value 0.00067
scoring_system epss
scoring_elements 0.20772
published_at 2026-04-16T12:55:00Z
6
value 0.00067
scoring_system epss
scoring_elements 0.20764
published_at 2026-04-18T12:55:00Z
7
value 0.00067
scoring_system epss
scoring_elements 0.21006
published_at 2026-04-04T12:55:00Z
8
value 0.00067
scoring_system epss
scoring_elements 0.20723
published_at 2026-04-07T12:55:00Z
9
value 0.00067
scoring_system epss
scoring_elements 0.20801
published_at 2026-04-08T12:55:00Z
10
value 0.00067
scoring_system epss
scoring_elements 0.20862
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-8042
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-56
reference_id mfsa2025-56
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-56
2
reference_url https://www.mozilla.org/security/advisories/mfsa2025-56/
reference_id mfsa2025-56
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-08-20T14:03:29Z/
url https://www.mozilla.org/security/advisories/mfsa2025-56/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1791322
reference_id show_bug.cgi?id=1791322
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-08-20T14:03:29Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1791322
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2025-8042
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c9pz-t1b3-ykf2
90
url VCID-cfqv-7r6b-g3e9
vulnerability_id VCID-cfqv-7r6b-g3e9
summary Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4576.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4576.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-4576
reference_id
reference_type
scores
0
value 0.00325
scoring_system epss
scoring_elements 0.55549
published_at 2026-04-09T12:55:00Z
1
value 0.00325
scoring_system epss
scoring_elements 0.55561
published_at 2026-04-18T12:55:00Z
2
value 0.00325
scoring_system epss
scoring_elements 0.55558
published_at 2026-04-16T12:55:00Z
3
value 0.00325
scoring_system epss
scoring_elements 0.55538
published_at 2026-04-12T12:55:00Z
4
value 0.00325
scoring_system epss
scoring_elements 0.55559
published_at 2026-04-11T12:55:00Z
5
value 0.00325
scoring_system epss
scoring_elements 0.55521
published_at 2026-04-13T12:55:00Z
6
value 0.00325
scoring_system epss
scoring_elements 0.55497
published_at 2026-04-07T12:55:00Z
7
value 0.00325
scoring_system epss
scoring_elements 0.55539
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-4576
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2236074
reference_id 2236074
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2236074
3
reference_url https://security.gentoo.org/glsa/202402-25
reference_id GLSA-202402-25
reference_type
scores
url https://security.gentoo.org/glsa/202402-25
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-34
reference_id mfsa2023-34
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-34
5
reference_url https://www.mozilla.org/security/advisories/mfsa2023-34/
reference_id mfsa2023-34
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:57:46Z/
url https://www.mozilla.org/security/advisories/mfsa2023-34/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-35
reference_id mfsa2023-35
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-35
7
reference_url https://www.mozilla.org/security/advisories/mfsa2023-35/
reference_id mfsa2023-35
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:57:46Z/
url https://www.mozilla.org/security/advisories/mfsa2023-35/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-36
reference_id mfsa2023-36
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-36
9
reference_url https://www.mozilla.org/security/advisories/mfsa2023-36/
reference_id mfsa2023-36
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:57:46Z/
url https://www.mozilla.org/security/advisories/mfsa2023-36/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-37
reference_id mfsa2023-37
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-37
11
reference_url https://www.mozilla.org/security/advisories/mfsa2023-37/
reference_id mfsa2023-37
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:57:46Z/
url https://www.mozilla.org/security/advisories/mfsa2023-37/
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-38
reference_id mfsa2023-38
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-38
13
reference_url https://www.mozilla.org/security/advisories/mfsa2023-38/
reference_id mfsa2023-38
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:57:46Z/
url https://www.mozilla.org/security/advisories/mfsa2023-38/
14
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1846694
reference_id show_bug.cgi?id=1846694
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:57:46Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1846694
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2023-4576
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cfqv-7r6b-g3e9
91
url VCID-cfy8-73k1-jkdj
vulnerability_id VCID-cfy8-73k1-jkdj
summary The Mozilla Maintenance Service helper.exe application creates a temporary directory writable by non-privileged users. When this is combined with creation of a junction (a form of symbolic link), protected files in the target directory of the junction can be deleted by the Mozilla Maintenance Service, which has privileged access. *Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7761
reference_id
reference_type
scores
0
value 0.00086
scoring_system epss
scoring_elements 0.24758
published_at 2026-04-21T12:55:00Z
1
value 0.00086
scoring_system epss
scoring_elements 0.24834
published_at 2026-04-12T12:55:00Z
2
value 0.00086
scoring_system epss
scoring_elements 0.24778
published_at 2026-04-13T12:55:00Z
3
value 0.00086
scoring_system epss
scoring_elements 0.2479
published_at 2026-04-16T12:55:00Z
4
value 0.00086
scoring_system epss
scoring_elements 0.24781
published_at 2026-04-18T12:55:00Z
5
value 0.00086
scoring_system epss
scoring_elements 0.24855
published_at 2026-04-01T12:55:00Z
6
value 0.00086
scoring_system epss
scoring_elements 0.24933
published_at 2026-04-02T12:55:00Z
7
value 0.00086
scoring_system epss
scoring_elements 0.24973
published_at 2026-04-04T12:55:00Z
8
value 0.00086
scoring_system epss
scoring_elements 0.24747
published_at 2026-04-07T12:55:00Z
9
value 0.00086
scoring_system epss
scoring_elements 0.24814
published_at 2026-04-08T12:55:00Z
10
value 0.00086
scoring_system epss
scoring_elements 0.24859
published_at 2026-04-09T12:55:00Z
11
value 0.00086
scoring_system epss
scoring_elements 0.24872
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7761
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1215648
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1215648
2
reference_url https://sourceforge.net/p/nsis/bugs/1125/
reference_id
reference_type
scores
url https://sourceforge.net/p/nsis/bugs/1125/
3
reference_url https://www.mozilla.org/security/advisories/mfsa2017-15/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-15/
4
reference_url https://www.mozilla.org/security/advisories/mfsa2017-16/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-16/
5
reference_url http://www.securityfocus.com/bid/99057
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/99057
6
reference_url http://www.securitytracker.com/id/1038689
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1038689
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-7761
reference_id CVE-2017-7761
reference_type
scores
0
value 3.6
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:N/I:P/A:P
1
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2017-7761
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-15
reference_id mfsa2017-15
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-15
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-16
reference_id mfsa2017-16
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-16
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2017-7761
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cfy8-73k1-jkdj
92
url VCID-cmnc-fyxb-rfd4
vulnerability_id VCID-cmnc-fyxb-rfd4
summary An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash.*This bug only affects Firefox for macOS. Other operating systems are unaffected.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29531.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29531.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-29531
reference_id
reference_type
scores
0
value 0.00553
scoring_system epss
scoring_elements 0.68015
published_at 2026-04-04T12:55:00Z
1
value 0.00553
scoring_system epss
scoring_elements 0.68068
published_at 2026-04-12T12:55:00Z
2
value 0.00553
scoring_system epss
scoring_elements 0.68082
published_at 2026-04-11T12:55:00Z
3
value 0.00553
scoring_system epss
scoring_elements 0.68059
published_at 2026-04-09T12:55:00Z
4
value 0.00553
scoring_system epss
scoring_elements 0.68044
published_at 2026-04-08T12:55:00Z
5
value 0.00553
scoring_system epss
scoring_elements 0.67993
published_at 2026-04-07T12:55:00Z
6
value 0.00553
scoring_system epss
scoring_elements 0.67996
published_at 2026-04-02T12:55:00Z
7
value 0.00553
scoring_system epss
scoring_elements 0.68034
published_at 2026-04-13T12:55:00Z
8
value 0.00589
scoring_system epss
scoring_elements 0.69213
published_at 2026-04-18T12:55:00Z
9
value 0.00589
scoring_system epss
scoring_elements 0.69193
published_at 2026-04-21T12:55:00Z
10
value 0.00589
scoring_system epss
scoring_elements 0.69205
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-29531
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2186099
reference_id 2186099
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2186099
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-13
reference_id mfsa2023-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-13
4
reference_url https://www.mozilla.org/security/advisories/mfsa2023-13/
reference_id mfsa2023-13
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-11T15:34:50Z/
url https://www.mozilla.org/security/advisories/mfsa2023-13/
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-14
reference_id mfsa2023-14
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-14
6
reference_url https://www.mozilla.org/security/advisories/mfsa2023-14/
reference_id mfsa2023-14
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-11T15:34:50Z/
url https://www.mozilla.org/security/advisories/mfsa2023-14/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-15
reference_id mfsa2023-15
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-15
8
reference_url https://www.mozilla.org/security/advisories/mfsa2023-15/
reference_id mfsa2023-15
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-11T15:34:50Z/
url https://www.mozilla.org/security/advisories/mfsa2023-15/
9
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1794292
reference_id show_bug.cgi?id=1794292
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-11T15:34:50Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1794292
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2023-29531
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cmnc-fyxb-rfd4
93
url VCID-cpra-u2v5-3qg5
vulnerability_id VCID-cpra-u2v5-3qg5
summary An attack using manipulation of updater.ini contents, used by the Mozilla Windows Updater, and privilege escalation through the Mozilla Maintenance Service to allow for arbitrary file execution and deletion by the Maintenance Service, which has privileged access. *Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7766
reference_id
reference_type
scores
0
value 0.00174
scoring_system epss
scoring_elements 0.38755
published_at 2026-04-21T12:55:00Z
1
value 0.00174
scoring_system epss
scoring_elements 0.38839
published_at 2026-04-12T12:55:00Z
2
value 0.00174
scoring_system epss
scoring_elements 0.38812
published_at 2026-04-13T12:55:00Z
3
value 0.00174
scoring_system epss
scoring_elements 0.38857
published_at 2026-04-16T12:55:00Z
4
value 0.00174
scoring_system epss
scoring_elements 0.38835
published_at 2026-04-18T12:55:00Z
5
value 0.00174
scoring_system epss
scoring_elements 0.38713
published_at 2026-04-01T12:55:00Z
6
value 0.00174
scoring_system epss
scoring_elements 0.3885
published_at 2026-04-02T12:55:00Z
7
value 0.00174
scoring_system epss
scoring_elements 0.38871
published_at 2026-04-04T12:55:00Z
8
value 0.00174
scoring_system epss
scoring_elements 0.388
published_at 2026-04-07T12:55:00Z
9
value 0.00174
scoring_system epss
scoring_elements 0.38852
published_at 2026-04-08T12:55:00Z
10
value 0.00174
scoring_system epss
scoring_elements 0.38864
published_at 2026-04-09T12:55:00Z
11
value 0.00174
scoring_system epss
scoring_elements 0.38876
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7766
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1342742
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1342742
2
reference_url https://www.mozilla.org/security/advisories/mfsa2017-15/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-15/
3
reference_url https://www.mozilla.org/security/advisories/mfsa2017-16/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-16/
4
reference_url http://www.securityfocus.com/bid/99057
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/99057
5
reference_url http://www.securitytracker.com/id/1038689
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1038689
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-7766
reference_id CVE-2017-7766
reference_type
scores
0
value 4.6
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:P/I:P/A:P
1
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2017-7766
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-15
reference_id mfsa2017-15
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-15
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-16
reference_id mfsa2017-16
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-16
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2017-7766
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cpra-u2v5-3qg5
94
url VCID-cver-m3d6-rkhp
vulnerability_id VCID-cver-m3d6-rkhp
summary If the Remote Debugging via USB feature was enabled in Firefox for Android on an Android version prior to Android 6.0, untrusted apps could have connected to the feature and operated with the privileges of the browser to read and interact with web content. The feature was implemented as a unix domain socket, protected by the Android SELinux policy; however, SELinux was not enforced for versions prior to 6.0. This was fixed by removing the Remote Debugging via USB feature from affected devices.*Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-26964
reference_id
reference_type
scores
0
value 0.00298
scoring_system epss
scoring_elements 0.53194
published_at 2026-04-21T12:55:00Z
1
value 0.00298
scoring_system epss
scoring_elements 0.5309
published_at 2026-04-01T12:55:00Z
2
value 0.00298
scoring_system epss
scoring_elements 0.5311
published_at 2026-04-02T12:55:00Z
3
value 0.00298
scoring_system epss
scoring_elements 0.53133
published_at 2026-04-04T12:55:00Z
4
value 0.00298
scoring_system epss
scoring_elements 0.53101
published_at 2026-04-07T12:55:00Z
5
value 0.00298
scoring_system epss
scoring_elements 0.53152
published_at 2026-04-08T12:55:00Z
6
value 0.00298
scoring_system epss
scoring_elements 0.53145
published_at 2026-04-09T12:55:00Z
7
value 0.00298
scoring_system epss
scoring_elements 0.53196
published_at 2026-04-11T12:55:00Z
8
value 0.00298
scoring_system epss
scoring_elements 0.53181
published_at 2026-04-12T12:55:00Z
9
value 0.00298
scoring_system epss
scoring_elements 0.53165
published_at 2026-04-13T12:55:00Z
10
value 0.00298
scoring_system epss
scoring_elements 0.53204
published_at 2026-04-16T12:55:00Z
11
value 0.00298
scoring_system epss
scoring_elements 0.53211
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-26964
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-50
reference_id mfsa2020-50
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-50
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2020-26964
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cver-m3d6-rkhp
95
url VCID-d25k-36fw-67af
vulnerability_id VCID-d25k-36fw-67af
summary Focus was incorrectly allowing internal links to utilize the app scheme used for deeplinking, which could result in links potentially circumventing some URL safety checks
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-10474
reference_id
reference_type
scores
0
value 0.00297
scoring_system epss
scoring_elements 0.53073
published_at 2026-04-21T12:55:00Z
1
value 0.00297
scoring_system epss
scoring_elements 0.53079
published_at 2026-04-11T12:55:00Z
2
value 0.00297
scoring_system epss
scoring_elements 0.53063
published_at 2026-04-12T12:55:00Z
3
value 0.00297
scoring_system epss
scoring_elements 0.53046
published_at 2026-04-13T12:55:00Z
4
value 0.00297
scoring_system epss
scoring_elements 0.53083
published_at 2026-04-16T12:55:00Z
5
value 0.00297
scoring_system epss
scoring_elements 0.53091
published_at 2026-04-18T12:55:00Z
6
value 0.00297
scoring_system epss
scoring_elements 0.52993
published_at 2026-04-02T12:55:00Z
7
value 0.00297
scoring_system epss
scoring_elements 0.53018
published_at 2026-04-04T12:55:00Z
8
value 0.00297
scoring_system epss
scoring_elements 0.52985
published_at 2026-04-07T12:55:00Z
9
value 0.00297
scoring_system epss
scoring_elements 0.53036
published_at 2026-04-08T12:55:00Z
10
value 0.00297
scoring_system epss
scoring_elements 0.53029
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-10474
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-60
reference_id mfsa2024-60
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-60
2
reference_url https://www.mozilla.org/security/advisories/mfsa2024-60/
reference_id mfsa2024-60
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T13:58:46Z/
url https://www.mozilla.org/security/advisories/mfsa2024-60/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1863832
reference_id show_bug.cgi?id=1863832
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T13:58:46Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1863832
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2024-10474
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d25k-36fw-67af
96
url VCID-d3n9-h8yh-r3ds
vulnerability_id VCID-d3n9-h8yh-r3ds
summary Mozilla Firefox 1.0.1 and possibly other versions, including Mozilla and Thunderbird, allows remote attackers to spoof the URL in the Status Bar via an A HREF tag that contains a TABLE tag that contains another A tag.
references
0
reference_url http://marc.info/?l=full-disclosure&m=111073068631287&w=2
reference_id
reference_type
scores
url http://marc.info/?l=full-disclosure&m=111073068631287&w=2
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2005-4809
reference_id
reference_type
scores
0
value 0.10377
scoring_system epss
scoring_elements 0.93235
published_at 2026-04-21T12:55:00Z
1
value 0.10377
scoring_system epss
scoring_elements 0.93179
published_at 2026-04-01T12:55:00Z
2
value 0.10377
scoring_system epss
scoring_elements 0.93189
published_at 2026-04-02T12:55:00Z
3
value 0.10377
scoring_system epss
scoring_elements 0.93193
published_at 2026-04-04T12:55:00Z
4
value 0.10377
scoring_system epss
scoring_elements 0.9319
published_at 2026-04-07T12:55:00Z
5
value 0.10377
scoring_system epss
scoring_elements 0.93199
published_at 2026-04-08T12:55:00Z
6
value 0.10377
scoring_system epss
scoring_elements 0.93203
published_at 2026-04-09T12:55:00Z
7
value 0.10377
scoring_system epss
scoring_elements 0.93208
published_at 2026-04-11T12:55:00Z
8
value 0.10377
scoring_system epss
scoring_elements 0.93206
published_at 2026-04-12T12:55:00Z
9
value 0.10377
scoring_system epss
scoring_elements 0.93207
published_at 2026-04-13T12:55:00Z
10
value 0.10377
scoring_system epss
scoring_elements 0.93223
published_at 2026-04-16T12:55:00Z
11
value 0.10377
scoring_system epss
scoring_elements 0.93227
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2005-4809
2
reference_url http://secunia.com/advisories/14568
reference_id
reference_type
scores
url http://secunia.com/advisories/14568
3
reference_url http://securitytracker.com/id?1013423
reference_id
reference_type
scores
url http://securitytracker.com/id?1013423
4
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/19540
reference_id
reference_type
scores
url https://exchange.xforce.ibmcloud.com/vulnerabilities/19540
5
reference_url http://www.osvdb.org/14885
reference_id
reference_type
scores
url http://www.osvdb.org/14885
6
reference_url http://www.securityfocus.com/bid/12798
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/12798
7
reference_url http://www.vupen.com/english/advisories/2005/0260
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2005/0260
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:0.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:0.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:0.10:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:0.10.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:0.10.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:0.10.1:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:0.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:0.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:0.8:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:0.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:0.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:0.9:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:0.9.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:0.9.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:0.9.3:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:0.9:rc:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:0.9:rc:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:0.9:rc:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:preview_release:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:preview_release:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:preview_release:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:mozilla:1.7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:mozilla:1.7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:mozilla:1.7.3:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:mozilla:1.7.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:mozilla:1.7.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:mozilla:1.7.4:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:mozilla:1.7.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:mozilla:1.7.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:mozilla:1.7.5:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:mozilla:1.7.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:mozilla:1.7.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:mozilla:1.7.6:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:0.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:0.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:0.6:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:0.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:0.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:0.7:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:0.7.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:0.7.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:0.7.1:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:0.7.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:0.7.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:0.7.2:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:0.7.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:0.7.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:0.7.3:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:0.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:0.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:0.8:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:0.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:0.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:0.9:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/detail/CVE-2005-4809
reference_id CVE-2005-4809
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2005-4809
33
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/25221.txt
reference_id CVE-2005-4809;OSVDB-14885
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/25221.txt
34
reference_url https://www.securityfocus.com/bid/12798/info
reference_id CVE-2005-4809;OSVDB-14885
reference_type exploit
scores
url https://www.securityfocus.com/bid/12798/info
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2005-4809
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d3n9-h8yh-r3ds
97
url VCID-d5hs-m1zz-kybj
vulnerability_id VCID-d5hs-m1zz-kybj
summary The destructor function for the WindowsDllDetourPatcher class can be re-purposed by malicious code in concert with another vulnerability to write arbitrary data to an attacker controlled location in memory. This can be used to bypass existing memory protections in this situation. *Note: This attack only affects Windows operating systems. Other operating systems are not affected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7804
reference_id
reference_type
scores
0
value 0.00689
scoring_system epss
scoring_elements 0.71787
published_at 2026-04-21T12:55:00Z
1
value 0.00689
scoring_system epss
scoring_elements 0.71791
published_at 2026-04-11T12:55:00Z
2
value 0.00689
scoring_system epss
scoring_elements 0.71775
published_at 2026-04-12T12:55:00Z
3
value 0.00689
scoring_system epss
scoring_elements 0.71757
published_at 2026-04-13T12:55:00Z
4
value 0.00689
scoring_system epss
scoring_elements 0.71799
published_at 2026-04-16T12:55:00Z
5
value 0.00689
scoring_system epss
scoring_elements 0.71805
published_at 2026-04-18T12:55:00Z
6
value 0.00689
scoring_system epss
scoring_elements 0.71717
published_at 2026-04-07T12:55:00Z
7
value 0.00689
scoring_system epss
scoring_elements 0.71724
published_at 2026-04-02T12:55:00Z
8
value 0.00689
scoring_system epss
scoring_elements 0.71743
published_at 2026-04-04T12:55:00Z
9
value 0.00689
scoring_system epss
scoring_elements 0.71756
published_at 2026-04-08T12:55:00Z
10
value 0.00689
scoring_system epss
scoring_elements 0.71767
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7804
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1372849
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1372849
2
reference_url https://www.mozilla.org/security/advisories/mfsa2017-18/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-18/
3
reference_url https://www.mozilla.org/security/advisories/mfsa2017-19/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-19/
4
reference_url https://www.mozilla.org/security/advisories/mfsa2017-20/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-20/
5
reference_url http://www.securityfocus.com/bid/100234
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/100234
6
reference_url http://www.securitytracker.com/id/1039124
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1039124
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-7804
reference_id CVE-2017-7804
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2017-7804
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-18
reference_id mfsa2017-18
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-18
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-19
reference_id mfsa2017-19
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-19
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-20
reference_id mfsa2017-20
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-20
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2017-7804
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d5hs-m1zz-kybj
98
url VCID-d9dm-aww1-pfbm
vulnerability_id VCID-d9dm-aww1-pfbm
summary 
Multiple vulnerabilities have been found in Mozilla Firefox and
    Thunderbird the worst of which could lead to the execution of arbitrary
    code.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5253
reference_id
reference_type
scores
0
value 0.00058
scoring_system epss
scoring_elements 0.18208
published_at 2026-04-21T12:55:00Z
1
value 0.00058
scoring_system epss
scoring_elements 0.18272
published_at 2026-04-01T12:55:00Z
2
value 0.00058
scoring_system epss
scoring_elements 0.18226
published_at 2026-04-13T12:55:00Z
3
value 0.00058
scoring_system epss
scoring_elements 0.1817
published_at 2026-04-16T12:55:00Z
4
value 0.00058
scoring_system epss
scoring_elements 0.18181
published_at 2026-04-18T12:55:00Z
5
value 0.00058
scoring_system epss
scoring_elements 0.18423
published_at 2026-04-02T12:55:00Z
6
value 0.00058
scoring_system epss
scoring_elements 0.18477
published_at 2026-04-04T12:55:00Z
7
value 0.00058
scoring_system epss
scoring_elements 0.18186
published_at 2026-04-07T12:55:00Z
8
value 0.00058
scoring_system epss
scoring_elements 0.1827
published_at 2026-04-08T12:55:00Z
9
value 0.00058
scoring_system epss
scoring_elements 0.18324
published_at 2026-04-09T12:55:00Z
10
value 0.00058
scoring_system epss
scoring_elements 0.18325
published_at 2026-04-11T12:55:00Z
11
value 0.00058
scoring_system epss
scoring_elements 0.18278
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5253
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1246944
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1246944
2
reference_url http://www.mozilla.org/security/announce/2016/mfsa2016-69.html
reference_id
reference_type
scores
url http://www.mozilla.org/security/announce/2016/mfsa2016-69.html
3
reference_url http://www.securityfocus.com/bid/92260
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/92260
4
reference_url http://www.securitytracker.com/id/1036508
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1036508
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5253
reference_id CVE-2016-5253
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5253
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-5253
reference_id CVE-2016-5253
reference_type
scores
0
value 4.7
scoring_system cvssv2
scoring_elements AV:L/AC:M/Au:N/C:N/I:C/A:N
1
value 4.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2016-5253
8
reference_url https://security.gentoo.org/glsa/201701-15
reference_id GLSA-201701-15
reference_type
scores
url https://security.gentoo.org/glsa/201701-15
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-69
reference_id mfsa2016-69
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-69
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2016-5253
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d9dm-aww1-pfbm
99
url VCID-daaa-zra4-w7hz
vulnerability_id VCID-daaa-zra4-w7hz
summary Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could result in arbitrary code execution.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-23600
reference_id
reference_type
scores
0
value 0.0025
scoring_system epss
scoring_elements 0.4824
published_at 2026-04-21T12:55:00Z
1
value 0.0025
scoring_system epss
scoring_elements 0.48209
published_at 2026-04-02T12:55:00Z
2
value 0.0025
scoring_system epss
scoring_elements 0.48239
published_at 2026-04-13T12:55:00Z
3
value 0.0025
scoring_system epss
scoring_elements 0.48291
published_at 2026-04-16T12:55:00Z
4
value 0.0025
scoring_system epss
scoring_elements 0.48285
published_at 2026-04-18T12:55:00Z
5
value 0.0025
scoring_system epss
scoring_elements 0.48229
published_at 2026-04-09T12:55:00Z
6
value 0.0025
scoring_system epss
scoring_elements 0.4818
published_at 2026-04-07T12:55:00Z
7
value 0.0025
scoring_system epss
scoring_elements 0.48235
published_at 2026-04-08T12:55:00Z
8
value 0.0025
scoring_system epss
scoring_elements 0.48254
published_at 2026-04-11T12:55:00Z
9
value 0.0025
scoring_system epss
scoring_elements 0.48228
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-23600
1
reference_url https://security.gentoo.org/glsa/202305-06
reference_id GLSA-202305-06
reference_type
scores
url https://security.gentoo.org/glsa/202305-06
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-01
reference_id mfsa2023-01
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-01
3
reference_url https://www.mozilla.org/security/advisories/mfsa2023-01/
reference_id mfsa2023-01
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:19:41Z/
url https://www.mozilla.org/security/advisories/mfsa2023-01/
4
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1787034
reference_id show_bug.cgi?id=1787034
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:19:41Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1787034
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2023-23600
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-daaa-zra4-w7hz
100
url VCID-ddhz-4wa1-zke9
vulnerability_id VCID-ddhz-4wa1-zke9
summary A Content Provider in Firefox for Android allowed local files accessible by the browser to be read by a remote webpage, leading to sensitive data disclosure, including cookies for other origins.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-15647
reference_id
reference_type
scores
0
value 0.00248
scoring_system epss
scoring_elements 0.48087
published_at 2026-04-21T12:55:00Z
1
value 0.00248
scoring_system epss
scoring_elements 0.48017
published_at 2026-04-01T12:55:00Z
2
value 0.00248
scoring_system epss
scoring_elements 0.48055
published_at 2026-04-02T12:55:00Z
3
value 0.00248
scoring_system epss
scoring_elements 0.48076
published_at 2026-04-04T12:55:00Z
4
value 0.00248
scoring_system epss
scoring_elements 0.48026
published_at 2026-04-07T12:55:00Z
5
value 0.00248
scoring_system epss
scoring_elements 0.48079
published_at 2026-04-08T12:55:00Z
6
value 0.00248
scoring_system epss
scoring_elements 0.48073
published_at 2026-04-12T12:55:00Z
7
value 0.00248
scoring_system epss
scoring_elements 0.48097
published_at 2026-04-11T12:55:00Z
8
value 0.00248
scoring_system epss
scoring_elements 0.48084
published_at 2026-04-13T12:55:00Z
9
value 0.00248
scoring_system epss
scoring_elements 0.48137
published_at 2026-04-16T12:55:00Z
10
value 0.00248
scoring_system epss
scoring_elements 0.48133
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-15647
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-27
reference_id mfsa2020-27
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-27
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2020-15647
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ddhz-4wa1-zke9
101
url VCID-de9v-k2u9-tbhk
vulnerability_id VCID-de9v-k2u9-tbhk
summary The contextual menu for links could provide an opportunity for cross-site scripting attacks
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-43113
reference_id
reference_type
scores
0
value 0.01035
scoring_system epss
scoring_elements 0.77405
published_at 2026-04-21T12:55:00Z
1
value 0.01035
scoring_system epss
scoring_elements 0.7737
published_at 2026-04-09T12:55:00Z
2
value 0.01035
scoring_system epss
scoring_elements 0.77397
published_at 2026-04-11T12:55:00Z
3
value 0.01035
scoring_system epss
scoring_elements 0.77377
published_at 2026-04-12T12:55:00Z
4
value 0.01035
scoring_system epss
scoring_elements 0.77373
published_at 2026-04-13T12:55:00Z
5
value 0.01035
scoring_system epss
scoring_elements 0.77413
published_at 2026-04-18T12:55:00Z
6
value 0.01035
scoring_system epss
scoring_elements 0.77322
published_at 2026-04-02T12:55:00Z
7
value 0.01035
scoring_system epss
scoring_elements 0.7735
published_at 2026-04-04T12:55:00Z
8
value 0.01035
scoring_system epss
scoring_elements 0.77331
published_at 2026-04-07T12:55:00Z
9
value 0.01035
scoring_system epss
scoring_elements 0.77361
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-43113
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-36
reference_id mfsa2024-36
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-36
2
reference_url https://www.mozilla.org/security/advisories/mfsa2024-36/
reference_id mfsa2024-36
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-07T13:31:39Z/
url https://www.mozilla.org/security/advisories/mfsa2024-36/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1874964
reference_id show_bug.cgi?id=1874964
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-07T13:31:39Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1874964
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2024-43113
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-de9v-k2u9-tbhk
102
url VCID-dher-5g6m-yuev
vulnerability_id VCID-dher-5g6m-yuev
summary Navigations through the Android-specific `intent` URL scheme could have been misused to escape iframe sandbox.*Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-23957
reference_id
reference_type
scores
0
value 0.00284
scoring_system epss
scoring_elements 0.5184
published_at 2026-04-21T12:55:00Z
1
value 0.00284
scoring_system epss
scoring_elements 0.51707
published_at 2026-04-01T12:55:00Z
2
value 0.00284
scoring_system epss
scoring_elements 0.51852
published_at 2026-04-16T12:55:00Z
3
value 0.00284
scoring_system epss
scoring_elements 0.51859
published_at 2026-04-18T12:55:00Z
4
value 0.00284
scoring_system epss
scoring_elements 0.51756
published_at 2026-04-02T12:55:00Z
5
value 0.00284
scoring_system epss
scoring_elements 0.51782
published_at 2026-04-04T12:55:00Z
6
value 0.00284
scoring_system epss
scoring_elements 0.51742
published_at 2026-04-07T12:55:00Z
7
value 0.00284
scoring_system epss
scoring_elements 0.51797
published_at 2026-04-08T12:55:00Z
8
value 0.00284
scoring_system epss
scoring_elements 0.51794
published_at 2026-04-09T12:55:00Z
9
value 0.00284
scoring_system epss
scoring_elements 0.51845
published_at 2026-04-11T12:55:00Z
10
value 0.00284
scoring_system epss
scoring_elements 0.51824
published_at 2026-04-12T12:55:00Z
11
value 0.00284
scoring_system epss
scoring_elements 0.51809
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-23957
1
reference_url https://security.archlinux.org/AVG-1493
reference_id AVG-1493
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1493
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-03
reference_id mfsa2021-03
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-03
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2021-23957
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dher-5g6m-yuev
103
url VCID-dhsg-zyny-5ybq
vulnerability_id VCID-dhsg-zyny-5ybq
summary The displayed addressbar URL can be spoofed on Firefox for Android using a javascript: URI in concert with JavaScript to insert text before the loaded domain name, scrolling the loaded domain out of view to the right. This can lead to user confusion. *This vulnerability only affects Firefox for Android.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12382.json
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12382.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-12382
reference_id
reference_type
scores
0
value 0.00368
scoring_system epss
scoring_elements 0.58647
published_at 2026-04-01T12:55:00Z
1
value 0.00368
scoring_system epss
scoring_elements 0.58731
published_at 2026-04-02T12:55:00Z
2
value 0.00368
scoring_system epss
scoring_elements 0.58752
published_at 2026-04-04T12:55:00Z
3
value 0.00368
scoring_system epss
scoring_elements 0.5872
published_at 2026-04-07T12:55:00Z
4
value 0.00368
scoring_system epss
scoring_elements 0.58772
published_at 2026-04-08T12:55:00Z
5
value 0.00368
scoring_system epss
scoring_elements 0.58779
published_at 2026-04-12T12:55:00Z
6
value 0.00368
scoring_system epss
scoring_elements 0.58798
published_at 2026-04-11T12:55:00Z
7
value 0.00368
scoring_system epss
scoring_elements 0.58759
published_at 2026-04-13T12:55:00Z
8
value 0.00368
scoring_system epss
scoring_elements 0.58792
published_at 2026-04-16T12:55:00Z
9
value 0.00368
scoring_system epss
scoring_elements 0.58797
published_at 2026-04-18T12:55:00Z
10
value 0.00368
scoring_system epss
scoring_elements 0.58775
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-12382
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1625530
reference_id 1625530
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1625530
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2018-20
reference_id mfsa2018-20
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2018-20
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2018-12382
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dhsg-zyny-5ybq
104
url VCID-dmnj-pt27-3bge
vulnerability_id VCID-dmnj-pt27-3bge
summary Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9391.json
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9391.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-9391
reference_id
reference_type
scores
0
value 0.00357
scoring_system epss
scoring_elements 0.57985
published_at 2026-04-21T12:55:00Z
1
value 0.00357
scoring_system epss
scoring_elements 0.58005
published_at 2026-04-09T12:55:00Z
2
value 0.00357
scoring_system epss
scoring_elements 0.58021
published_at 2026-04-11T12:55:00Z
3
value 0.00357
scoring_system epss
scoring_elements 0.57999
published_at 2026-04-12T12:55:00Z
4
value 0.00357
scoring_system epss
scoring_elements 0.57978
published_at 2026-04-13T12:55:00Z
5
value 0.00357
scoring_system epss
scoring_elements 0.58009
published_at 2026-04-16T12:55:00Z
6
value 0.00357
scoring_system epss
scoring_elements 0.58007
published_at 2026-04-18T12:55:00Z
7
value 0.00357
scoring_system epss
scoring_elements 0.57953
published_at 2026-04-02T12:55:00Z
8
value 0.00357
scoring_system epss
scoring_elements 0.57972
published_at 2026-04-04T12:55:00Z
9
value 0.00357
scoring_system epss
scoring_elements 0.57948
published_at 2026-04-07T12:55:00Z
10
value 0.00357
scoring_system epss
scoring_elements 0.58003
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-9391
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2315948
reference_id 2315948
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2315948
4
reference_url https://security.gentoo.org/glsa/202412-04
reference_id GLSA-202412-04
reference_type
scores
url https://security.gentoo.org/glsa/202412-04
5
reference_url https://security.gentoo.org/glsa/202412-06
reference_id GLSA-202412-06
reference_type
scores
url https://security.gentoo.org/glsa/202412-06
6
reference_url https://security.gentoo.org/glsa/202505-08
reference_id GLSA-202505-08
reference_type
scores
url https://security.gentoo.org/glsa/202505-08
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-46
reference_id mfsa2024-46
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-46
8
reference_url https://www.mozilla.org/security/advisories/mfsa2024-46/
reference_id mfsa2024-46
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:56:22Z/
url https://www.mozilla.org/security/advisories/mfsa2024-46/
9
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1892407
reference_id show_bug.cgi?id=1892407
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:56:22Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1892407
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2024-9391
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dmnj-pt27-3bge
105
url VCID-dq19-byye-fuag
vulnerability_id VCID-dq19-byye-fuag
summary Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-34469
reference_id
reference_type
scores
0
value 0.00062
scoring_system epss
scoring_elements 0.19251
published_at 2026-04-21T12:55:00Z
1
value 0.00062
scoring_system epss
scoring_elements 0.19477
published_at 2026-04-02T12:55:00Z
2
value 0.00062
scoring_system epss
scoring_elements 0.19371
published_at 2026-04-09T12:55:00Z
3
value 0.00062
scoring_system epss
scoring_elements 0.19375
published_at 2026-04-11T12:55:00Z
4
value 0.00062
scoring_system epss
scoring_elements 0.19326
published_at 2026-04-12T12:55:00Z
5
value 0.00062
scoring_system epss
scoring_elements 0.19268
published_at 2026-04-13T12:55:00Z
6
value 0.00062
scoring_system epss
scoring_elements 0.19231
published_at 2026-04-16T12:55:00Z
7
value 0.00062
scoring_system epss
scoring_elements 0.19524
published_at 2026-04-04T12:55:00Z
8
value 0.00062
scoring_system epss
scoring_elements 0.1924
published_at 2026-04-18T12:55:00Z
9
value 0.00062
scoring_system epss
scoring_elements 0.19319
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-34469
1
reference_url https://security.gentoo.org/glsa/202208-08
reference_id GLSA-202208-08
reference_type
scores
url https://security.gentoo.org/glsa/202208-08
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-24
reference_id mfsa2022-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-24
3
reference_url https://www.mozilla.org/security/advisories/mfsa2022-24/
reference_id mfsa2022-24
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T18:18:21Z/
url https://www.mozilla.org/security/advisories/mfsa2022-24/
4
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1721220
reference_id show_bug.cgi?id=1721220
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-15T18:18:21Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1721220
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2022-34469
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dq19-byye-fuag
106
url VCID-dsqp-sd8u-97et
vulnerability_id VCID-dsqp-sd8u-97et
summary 
Multiple vulnerabilities have been reported in Mozilla Thunderbird, some of
    which may allow the remote execution of arbitrary code.
references
0
reference_url http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
reference_id
reference_type
scores
url http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-6500
reference_id
reference_type
scores
0
value 0.37533
scoring_system epss
scoring_elements 0.97202
published_at 2026-04-21T12:55:00Z
1
value 0.37533
scoring_system epss
scoring_elements 0.97196
published_at 2026-04-16T12:55:00Z
2
value 0.37533
scoring_system epss
scoring_elements 0.97198
published_at 2026-04-18T12:55:00Z
3
value 0.37533
scoring_system epss
scoring_elements 0.97159
published_at 2026-04-01T12:55:00Z
4
value 0.37533
scoring_system epss
scoring_elements 0.97165
published_at 2026-04-02T12:55:00Z
5
value 0.37533
scoring_system epss
scoring_elements 0.97171
published_at 2026-04-04T12:55:00Z
6
value 0.37533
scoring_system epss
scoring_elements 0.97172
published_at 2026-04-07T12:55:00Z
7
value 0.37533
scoring_system epss
scoring_elements 0.97182
published_at 2026-04-08T12:55:00Z
8
value 0.37533
scoring_system epss
scoring_elements 0.97183
published_at 2026-04-09T12:55:00Z
9
value 0.37533
scoring_system epss
scoring_elements 0.97187
published_at 2026-04-11T12:55:00Z
10
value 0.37533
scoring_system epss
scoring_elements 0.97188
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-6500
2
reference_url http://secunia.com/advisories/23282
reference_id
reference_type
scores
url http://secunia.com/advisories/23282
3
reference_url http://secunia.com/advisories/23420
reference_id
reference_type
scores
url http://secunia.com/advisories/23420
4
reference_url http://secunia.com/advisories/23422
reference_id
reference_type
scores
url http://secunia.com/advisories/23422
5
reference_url http://secunia.com/advisories/23545
reference_id
reference_type
scores
url http://secunia.com/advisories/23545
6
reference_url http://secunia.com/advisories/23598
reference_id
reference_type
scores
url http://secunia.com/advisories/23598
7
reference_url http://secunia.com/advisories/23614
reference_id
reference_type
scores
url http://secunia.com/advisories/23614
8
reference_url http://secunia.com/advisories/23672
reference_id
reference_type
scores
url http://secunia.com/advisories/23672
9
reference_url http://secunia.com/advisories/23692
reference_id
reference_type
scores
url http://secunia.com/advisories/23692
10
reference_url http://security.gentoo.org/glsa/glsa-200701-02.xml
reference_id
reference_type
scores
url http://security.gentoo.org/glsa/glsa-200701-02.xml
11
reference_url http://securitytracker.com/id?1017399
reference_id
reference_type
scores
url http://securitytracker.com/id?1017399
12
reference_url http://securitytracker.com/id?1017400
reference_id
reference_type
scores
url http://securitytracker.com/id?1017400
13
reference_url http://securitytracker.com/id?1017401
reference_id
reference_type
scores
url http://securitytracker.com/id?1017401
14
reference_url http://www.gentoo.org/security/en/glsa/glsa-200701-03.xml
reference_id
reference_type
scores
url http://www.gentoo.org/security/en/glsa/glsa-200701-03.xml
15
reference_url http://www.gentoo.org/security/en/glsa/glsa-200701-04.xml
reference_id
reference_type
scores
url http://www.gentoo.org/security/en/glsa/glsa-200701-04.xml
16
reference_url http://www.kb.cert.org/vuls/id/722244
reference_id
reference_type
scores
url http://www.kb.cert.org/vuls/id/722244
17
reference_url http://www.mandriva.com/security/advisories?name=MDKSA-2007:010
reference_id
reference_type
scores
url http://www.mandriva.com/security/advisories?name=MDKSA-2007:010
18
reference_url http://www.mandriva.com/security/advisories?name=MDKSA-2007:011
reference_id
reference_type
scores
url http://www.mandriva.com/security/advisories?name=MDKSA-2007:011
19
reference_url http://www.mozilla.org/security/announce/2006/mfsa2006-69.html
reference_id
reference_type
scores
url http://www.mozilla.org/security/announce/2006/mfsa2006-69.html
20
reference_url http://www.novell.com/linux/security/advisories/2006_80_mozilla.html
reference_id
reference_type
scores
url http://www.novell.com/linux/security/advisories/2006_80_mozilla.html
21
reference_url http://www.novell.com/linux/security/advisories/2007_06_mozilla.html
reference_id
reference_type
scores
url http://www.novell.com/linux/security/advisories/2007_06_mozilla.html
22
reference_url http://www.securityfocus.com/bid/21668
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/21668
23
reference_url http://www.us-cert.gov/cas/techalerts/TA06-354A.html
reference_id
reference_type
scores
url http://www.us-cert.gov/cas/techalerts/TA06-354A.html
24
reference_url http://www.vupen.com/english/advisories/2006/5068
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2006/5068
25
reference_url http://www.vupen.com/english/advisories/2008/0083
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2008/0083
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
34
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6500
reference_id CVE-2006-6500
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6500
35
reference_url https://nvd.nist.gov/vuln/detail/CVE-2006-6500
reference_id CVE-2006-6500
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
url https://nvd.nist.gov/vuln/detail/CVE-2006-6500
36
reference_url https://security.gentoo.org/glsa/200701-02
reference_id GLSA-200701-02
reference_type
scores
url https://security.gentoo.org/glsa/200701-02
37
reference_url https://security.gentoo.org/glsa/200701-03
reference_id GLSA-200701-03
reference_type
scores
url https://security.gentoo.org/glsa/200701-03
38
reference_url https://security.gentoo.org/glsa/200701-04
reference_id GLSA-200701-04
reference_type
scores
url https://security.gentoo.org/glsa/200701-04
39
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2006-69
reference_id mfsa2006-69
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2006-69
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2006-6500
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dsqp-sd8u-97et
107
url VCID-dukt-jk3k-wqht
vulnerability_id VCID-dukt-jk3k-wqht
summary When using an invalid protocol scheme, an attacker could spoof the address bar. *Note: This issue only affected Android operating systems. Other operating systems are unaffected.**Note: This issue is a different issue from CVE-2025-0244.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0246.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0246.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-0246
reference_id
reference_type
scores
0
value 0.00136
scoring_system epss
scoring_elements 0.33367
published_at 2026-04-18T12:55:00Z
1
value 0.00136
scoring_system epss
scoring_elements 0.33465
published_at 2026-04-02T12:55:00Z
2
value 0.00136
scoring_system epss
scoring_elements 0.33391
published_at 2026-04-16T12:55:00Z
3
value 0.00136
scoring_system epss
scoring_elements 0.33357
published_at 2026-04-13T12:55:00Z
4
value 0.00136
scoring_system epss
scoring_elements 0.3338
published_at 2026-04-12T12:55:00Z
5
value 0.00136
scoring_system epss
scoring_elements 0.33421
published_at 2026-04-11T12:55:00Z
6
value 0.00136
scoring_system epss
scoring_elements 0.33497
published_at 2026-04-04T12:55:00Z
7
value 0.00136
scoring_system epss
scoring_elements 0.33338
published_at 2026-04-07T12:55:00Z
8
value 0.00136
scoring_system epss
scoring_elements 0.33417
published_at 2026-04-09T12:55:00Z
9
value 0.00136
scoring_system epss
scoring_elements 0.33383
published_at 2026-04-08T12:55:00Z
10
value 0.0014
scoring_system epss
scoring_elements 0.34149
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-0246
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2336183
reference_id 2336183
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2336183
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-01
reference_id mfsa2025-01
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-01
5
reference_url https://www.mozilla.org/security/advisories/mfsa2025-01/
reference_id mfsa2025-01
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T15:49:04Z/
url https://www.mozilla.org/security/advisories/mfsa2025-01/
6
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1912709
reference_id show_bug.cgi?id=1912709
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T15:49:04Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1912709
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2025-0246
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dukt-jk3k-wqht
108
url VCID-dveb-sthz-bkgu
vulnerability_id VCID-dveb-sthz-bkgu
summary Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25738.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25738.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-25738
reference_id
reference_type
scores
0
value 0.00163
scoring_system epss
scoring_elements 0.37145
published_at 2026-04-21T12:55:00Z
1
value 0.00163
scoring_system epss
scoring_elements 0.37201
published_at 2026-04-18T12:55:00Z
2
value 0.00163
scoring_system epss
scoring_elements 0.37303
published_at 2026-04-02T12:55:00Z
3
value 0.00163
scoring_system epss
scoring_elements 0.37218
published_at 2026-04-16T12:55:00Z
4
value 0.00163
scoring_system epss
scoring_elements 0.37172
published_at 2026-04-13T12:55:00Z
5
value 0.00163
scoring_system epss
scoring_elements 0.37199
published_at 2026-04-12T12:55:00Z
6
value 0.00163
scoring_system epss
scoring_elements 0.37233
published_at 2026-04-11T12:55:00Z
7
value 0.00163
scoring_system epss
scoring_elements 0.37223
published_at 2026-04-09T12:55:00Z
8
value 0.00163
scoring_system epss
scoring_elements 0.37208
published_at 2026-04-08T12:55:00Z
9
value 0.00163
scoring_system epss
scoring_elements 0.37329
published_at 2026-04-04T12:55:00Z
10
value 0.00163
scoring_system epss
scoring_elements 0.37156
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-25738
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2170380
reference_id 2170380
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2170380
3
reference_url https://security.gentoo.org/glsa/202305-35
reference_id GLSA-202305-35
reference_type
scores
url https://security.gentoo.org/glsa/202305-35
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-05
reference_id mfsa2023-05
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-05
5
reference_url https://www.mozilla.org/security/advisories/mfsa2023-05/
reference_id mfsa2023-05
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T20:08:20Z/
url https://www.mozilla.org/security/advisories/mfsa2023-05/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-06
reference_id mfsa2023-06
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-06
7
reference_url https://www.mozilla.org/security/advisories/mfsa2023-06/
reference_id mfsa2023-06
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T20:08:20Z/
url https://www.mozilla.org/security/advisories/mfsa2023-06/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-07
reference_id mfsa2023-07
reference_type
scores
0
value low
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-07
9
reference_url https://www.mozilla.org/security/advisories/mfsa2023-07/
reference_id mfsa2023-07
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T20:08:20Z/
url https://www.mozilla.org/security/advisories/mfsa2023-07/
10
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1811852
reference_id show_bug.cgi?id=1811852
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T20:08:20Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1811852
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2023-25738
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dveb-sthz-bkgu
109
url VCID-dxaw-2u95-nfbs
vulnerability_id VCID-dxaw-2u95-nfbs
summary Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could result in arbitrary code execution.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-38474
reference_id
reference_type
scores
0
value 0.00191
scoring_system epss
scoring_elements 0.41005
published_at 2026-04-21T12:55:00Z
1
value 0.00191
scoring_system epss
scoring_elements 0.41083
published_at 2026-04-02T12:55:00Z
2
value 0.00191
scoring_system epss
scoring_elements 0.41118
published_at 2026-04-11T12:55:00Z
3
value 0.00191
scoring_system epss
scoring_elements 0.41084
published_at 2026-04-12T12:55:00Z
4
value 0.00191
scoring_system epss
scoring_elements 0.41066
published_at 2026-04-13T12:55:00Z
5
value 0.00191
scoring_system epss
scoring_elements 0.41109
published_at 2026-04-16T12:55:00Z
6
value 0.00191
scoring_system epss
scoring_elements 0.41079
published_at 2026-04-18T12:55:00Z
7
value 0.00191
scoring_system epss
scoring_elements 0.41115
published_at 2026-04-04T12:55:00Z
8
value 0.00191
scoring_system epss
scoring_elements 0.41041
published_at 2026-04-07T12:55:00Z
9
value 0.00191
scoring_system epss
scoring_elements 0.4109
published_at 2026-04-08T12:55:00Z
10
value 0.00191
scoring_system epss
scoring_elements 0.41098
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-38474
1
reference_url https://security.gentoo.org/glsa/202208-37
reference_id GLSA-202208-37
reference_type
scores
url https://security.gentoo.org/glsa/202208-37
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-33
reference_id mfsa2022-33
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-33
3
reference_url https://www.mozilla.org/security/advisories/mfsa2022-33/
reference_id mfsa2022-33
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T16:12:00Z/
url https://www.mozilla.org/security/advisories/mfsa2022-33/
4
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1719511
reference_id show_bug.cgi?id=1719511
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T16:12:00Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1719511
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2022-38474
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dxaw-2u95-nfbs
110
url VCID-dyn7-63ve-37at
vulnerability_id VCID-dyn7-63ve-37at
summary 
Multiple vulnerabilities have been found in Mozilla Firefox and
    Thunderbird the worst of which could lead to the execution of arbitrary
    code.
references
0
reference_url http://dl.acm.org/citation.cfm?id=2714650
reference_id
reference_type
scores
url http://dl.acm.org/citation.cfm?id=2714650
1
reference_url http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2813.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2813.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2813
reference_id
reference_type
scores
0
value 0.00472
scoring_system epss
scoring_elements 0.64692
published_at 2026-04-21T12:55:00Z
1
value 0.00472
scoring_system epss
scoring_elements 0.64578
published_at 2026-04-01T12:55:00Z
2
value 0.00472
scoring_system epss
scoring_elements 0.64687
published_at 2026-04-12T12:55:00Z
3
value 0.00472
scoring_system epss
scoring_elements 0.64658
published_at 2026-04-13T12:55:00Z
4
value 0.00472
scoring_system epss
scoring_elements 0.64694
published_at 2026-04-16T12:55:00Z
5
value 0.00472
scoring_system epss
scoring_elements 0.64706
published_at 2026-04-18T12:55:00Z
6
value 0.00472
scoring_system epss
scoring_elements 0.64631
published_at 2026-04-02T12:55:00Z
7
value 0.00472
scoring_system epss
scoring_elements 0.6466
published_at 2026-04-04T12:55:00Z
8
value 0.00472
scoring_system epss
scoring_elements 0.64617
published_at 2026-04-07T12:55:00Z
9
value 0.00472
scoring_system epss
scoring_elements 0.64666
published_at 2026-04-08T12:55:00Z
10
value 0.00472
scoring_system epss
scoring_elements 0.64682
published_at 2026-04-09T12:55:00Z
11
value 0.00472
scoring_system epss
scoring_elements 0.64698
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2813
4
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1197901
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1197901
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.6
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:P/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url http://www.mozilla.org/security/announce/2016/mfsa2016-43.html
reference_id
reference_type
scores
url http://www.mozilla.org/security/announce/2016/mfsa2016-43.html
7
reference_url http://www.securitytracker.com/id/1035692
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1035692
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1330278
reference_id 1330278
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1330278
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:*:*:*:*:*:*:*:*
reference_id cpe:2.3:o:google:android:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:*:*:*:*:*:*:*:*
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2813
reference_id CVE-2016-2813
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2813
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-2813
reference_id CVE-2016-2813
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:N/A:N
1
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2016-2813
13
reference_url https://security.gentoo.org/glsa/201701-15
reference_id GLSA-201701-15
reference_type
scores
url https://security.gentoo.org/glsa/201701-15
14
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-43
reference_id mfsa2016-43
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-43
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2016-2813
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dyn7-63ve-37at
111
url VCID-e7p8-zrwx-5ug6
vulnerability_id VCID-e7p8-zrwx-5ug6
summary A flaw in handling fullscreen transitions may have inadvertently caused the application to become stuck in fullscreen mode when a modal dialog was opened during the transition. This issue left users unable to exit fullscreen mode using standard actions like pressing "Esc" or accessing right-click menus, resulting in a disrupted browsing experience until the browser is restarted. *This bug only affects the application when running on macOS. Other operating systems are unaffected.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11698.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11698.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-11698
reference_id
reference_type
scores
0
value 0.00177
scoring_system epss
scoring_elements 0.39212
published_at 2026-04-02T12:55:00Z
1
value 0.00177
scoring_system epss
scoring_elements 0.3918
published_at 2026-04-13T12:55:00Z
2
value 0.00177
scoring_system epss
scoring_elements 0.39198
published_at 2026-04-12T12:55:00Z
3
value 0.00177
scoring_system epss
scoring_elements 0.39236
published_at 2026-04-11T12:55:00Z
4
value 0.00177
scoring_system epss
scoring_elements 0.39224
published_at 2026-04-09T12:55:00Z
5
value 0.00177
scoring_system epss
scoring_elements 0.39208
published_at 2026-04-08T12:55:00Z
6
value 0.00177
scoring_system epss
scoring_elements 0.39154
published_at 2026-04-07T12:55:00Z
7
value 0.00177
scoring_system epss
scoring_elements 0.39234
published_at 2026-04-16T12:55:00Z
8
value 0.0024
scoring_system epss
scoring_elements 0.47075
published_at 2026-04-21T12:55:00Z
9
value 0.0024
scoring_system epss
scoring_elements 0.47127
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-11698
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2328953
reference_id 2328953
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2328953
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-63
reference_id mfsa2024-63
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-63
5
reference_url https://www.mozilla.org/security/advisories/mfsa2024-63/
reference_id mfsa2024-63
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:16:08Z/
url https://www.mozilla.org/security/advisories/mfsa2024-63/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-64
reference_id mfsa2024-64
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-64
7
reference_url https://www.mozilla.org/security/advisories/mfsa2024-64/
reference_id mfsa2024-64
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:16:08Z/
url https://www.mozilla.org/security/advisories/mfsa2024-64/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-67
reference_id mfsa2024-67
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-67
9
reference_url https://www.mozilla.org/security/advisories/mfsa2024-67/
reference_id mfsa2024-67
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:16:08Z/
url https://www.mozilla.org/security/advisories/mfsa2024-67/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-68
reference_id mfsa2024-68
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-68
11
reference_url https://www.mozilla.org/security/advisories/mfsa2024-68/
reference_id mfsa2024-68
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:16:08Z/
url https://www.mozilla.org/security/advisories/mfsa2024-68/
12
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1916152
reference_id show_bug.cgi?id=1916152
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:16:08Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1916152
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2024-11698
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e7p8-zrwx-5ug6
112
url VCID-ebhp-kzkz-euhu
vulnerability_id VCID-ebhp-kzkz-euhu
summary Similar to CVE-2023-28163, this time when choosing 'Save Link As', suggested filenames containing environment variable names would have resolved those in the context of the current user. *This bug only affects Firefox on Windows. Other versions of Firefox are unaffected.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29545.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29545.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-29545
reference_id
reference_type
scores
0
value 0.00344
scoring_system epss
scoring_elements 0.57006
published_at 2026-04-07T12:55:00Z
1
value 0.00344
scoring_system epss
scoring_elements 0.57048
published_at 2026-04-12T12:55:00Z
2
value 0.00344
scoring_system epss
scoring_elements 0.57069
published_at 2026-04-11T12:55:00Z
3
value 0.00344
scoring_system epss
scoring_elements 0.57058
published_at 2026-04-09T12:55:00Z
4
value 0.00344
scoring_system epss
scoring_elements 0.57056
published_at 2026-04-08T12:55:00Z
5
value 0.00344
scoring_system epss
scoring_elements 0.57029
published_at 2026-04-04T12:55:00Z
6
value 0.00344
scoring_system epss
scoring_elements 0.57007
published_at 2026-04-02T12:55:00Z
7
value 0.00344
scoring_system epss
scoring_elements 0.57024
published_at 2026-04-13T12:55:00Z
8
value 0.00367
scoring_system epss
scoring_elements 0.58684
published_at 2026-04-18T12:55:00Z
9
value 0.00367
scoring_system epss
scoring_elements 0.5866
published_at 2026-04-21T12:55:00Z
10
value 0.00367
scoring_system epss
scoring_elements 0.58679
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-29545
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2186108
reference_id 2186108
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2186108
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-13
reference_id mfsa2023-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-13
4
reference_url https://www.mozilla.org/security/advisories/mfsa2023-13/
reference_id mfsa2023-13
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T15:48:18Z/
url https://www.mozilla.org/security/advisories/mfsa2023-13/
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-14
reference_id mfsa2023-14
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-14
6
reference_url https://www.mozilla.org/security/advisories/mfsa2023-14/
reference_id mfsa2023-14
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T15:48:18Z/
url https://www.mozilla.org/security/advisories/mfsa2023-14/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-15
reference_id mfsa2023-15
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-15
8
reference_url https://www.mozilla.org/security/advisories/mfsa2023-15/
reference_id mfsa2023-15
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T15:48:18Z/
url https://www.mozilla.org/security/advisories/mfsa2023-15/
9
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1823077
reference_id show_bug.cgi?id=1823077
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T15:48:18Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1823077
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2023-29545
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ebhp-kzkz-euhu
113
url VCID-eccp-16z6-9ug3
vulnerability_id VCID-eccp-16z6-9ug3
summary Long pressing on a download link could potentially provide a means for cross-site scripting
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-43112
reference_id
reference_type
scores
0
value 0.01035
scoring_system epss
scoring_elements 0.77405
published_at 2026-04-21T12:55:00Z
1
value 0.01035
scoring_system epss
scoring_elements 0.7737
published_at 2026-04-09T12:55:00Z
2
value 0.01035
scoring_system epss
scoring_elements 0.77397
published_at 2026-04-11T12:55:00Z
3
value 0.01035
scoring_system epss
scoring_elements 0.77377
published_at 2026-04-12T12:55:00Z
4
value 0.01035
scoring_system epss
scoring_elements 0.77373
published_at 2026-04-13T12:55:00Z
5
value 0.01035
scoring_system epss
scoring_elements 0.77413
published_at 2026-04-18T12:55:00Z
6
value 0.01035
scoring_system epss
scoring_elements 0.77322
published_at 2026-04-02T12:55:00Z
7
value 0.01035
scoring_system epss
scoring_elements 0.7735
published_at 2026-04-04T12:55:00Z
8
value 0.01035
scoring_system epss
scoring_elements 0.77331
published_at 2026-04-07T12:55:00Z
9
value 0.01035
scoring_system epss
scoring_elements 0.77361
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-43112
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-36
reference_id mfsa2024-36
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-36
2
reference_url https://www.mozilla.org/security/advisories/mfsa2024-36/
reference_id mfsa2024-36
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-07T15:26:03Z/
url https://www.mozilla.org/security/advisories/mfsa2024-36/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1874910
reference_id show_bug.cgi?id=1874910
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-07T15:26:03Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1874910
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2024-43112
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eccp-16z6-9ug3
114
url VCID-efvs-1tuf-guf4
vulnerability_id VCID-efvs-1tuf-guf4
summary Information disclosure in the Widget: Cocoa component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4712.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4712.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-4712
reference_id
reference_type
scores
0
value 0.00016
scoring_system epss
scoring_elements 0.03584
published_at 2026-04-21T12:55:00Z
1
value 0.00016
scoring_system epss
scoring_elements 0.03461
published_at 2026-04-18T12:55:00Z
2
value 0.00016
scoring_system epss
scoring_elements 0.03538
published_at 2026-04-04T12:55:00Z
3
value 0.00016
scoring_system epss
scoring_elements 0.03528
published_at 2026-04-11T12:55:00Z
4
value 0.00016
scoring_system epss
scoring_elements 0.03572
published_at 2026-04-09T12:55:00Z
5
value 0.00016
scoring_system epss
scoring_elements 0.0355
published_at 2026-04-08T12:55:00Z
6
value 0.00016
scoring_system epss
scoring_elements 0.03549
published_at 2026-04-07T12:55:00Z
7
value 0.00016
scoring_system epss
scoring_elements 0.03524
published_at 2026-04-02T12:55:00Z
8
value 0.00016
scoring_system epss
scoring_elements 0.03449
published_at 2026-04-16T12:55:00Z
9
value 0.00016
scoring_system epss
scoring_elements 0.03475
published_at 2026-04-13T12:55:00Z
10
value 0.00016
scoring_system epss
scoring_elements 0.03499
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-4712
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2450728
reference_id 2450728
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2450728
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
reference_id mfsa2026-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-20
5
reference_url https://www.mozilla.org/security/advisories/mfsa2026-20/
reference_id mfsa2026-20
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:49:31Z/
url https://www.mozilla.org/security/advisories/mfsa2026-20/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
reference_id mfsa2026-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-22
7
reference_url https://www.mozilla.org/security/advisories/mfsa2026-22/
reference_id mfsa2026-22
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:49:31Z/
url https://www.mozilla.org/security/advisories/mfsa2026-22/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
reference_id mfsa2026-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-23
9
reference_url https://www.mozilla.org/security/advisories/mfsa2026-23/
reference_id mfsa2026-23
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:49:31Z/
url https://www.mozilla.org/security/advisories/mfsa2026-23/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
reference_id mfsa2026-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-24
11
reference_url https://www.mozilla.org/security/advisories/mfsa2026-24/
reference_id mfsa2026-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:49:31Z/
url https://www.mozilla.org/security/advisories/mfsa2026-24/
12
reference_url https://access.redhat.com/errata/RHSA-2026:5930
reference_id RHSA-2026:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5930
13
reference_url https://access.redhat.com/errata/RHSA-2026:5931
reference_id RHSA-2026:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5931
14
reference_url https://access.redhat.com/errata/RHSA-2026:5932
reference_id RHSA-2026:5932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5932
15
reference_url https://access.redhat.com/errata/RHSA-2026:6188
reference_id RHSA-2026:6188
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6188
16
reference_url https://access.redhat.com/errata/RHSA-2026:6342
reference_id RHSA-2026:6342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6342
17
reference_url https://access.redhat.com/errata/RHSA-2026:6917
reference_id RHSA-2026:6917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6917
18
reference_url https://access.redhat.com/errata/RHSA-2026:7837
reference_id RHSA-2026:7837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7837
19
reference_url https://access.redhat.com/errata/RHSA-2026:7838
reference_id RHSA-2026:7838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7838
20
reference_url https://access.redhat.com/errata/RHSA-2026:7839
reference_id RHSA-2026:7839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7839
21
reference_url https://access.redhat.com/errata/RHSA-2026:7840
reference_id RHSA-2026:7840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7840
22
reference_url https://access.redhat.com/errata/RHSA-2026:7841
reference_id RHSA-2026:7841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7841
23
reference_url https://access.redhat.com/errata/RHSA-2026:7842
reference_id RHSA-2026:7842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7842
24
reference_url https://access.redhat.com/errata/RHSA-2026:7843
reference_id RHSA-2026:7843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7843
25
reference_url https://access.redhat.com/errata/RHSA-2026:7845
reference_id RHSA-2026:7845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7845
26
reference_url https://access.redhat.com/errata/RHSA-2026:7858
reference_id RHSA-2026:7858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7858
27
reference_url https://access.redhat.com/errata/RHSA-2026:8284
reference_id RHSA-2026:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8284
28
reference_url https://access.redhat.com/errata/RHSA-2026:8285
reference_id RHSA-2026:8285
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8285
29
reference_url https://access.redhat.com/errata/RHSA-2026:8286
reference_id RHSA-2026:8286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8286
30
reference_url https://access.redhat.com/errata/RHSA-2026:8287
reference_id RHSA-2026:8287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8287
31
reference_url https://access.redhat.com/errata/RHSA-2026:8288
reference_id RHSA-2026:8288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8288
32
reference_url https://access.redhat.com/errata/RHSA-2026:8289
reference_id RHSA-2026:8289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8289
33
reference_url https://access.redhat.com/errata/RHSA-2026:8290
reference_id RHSA-2026:8290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8290
34
reference_url https://access.redhat.com/errata/RHSA-2026:8315
reference_id RHSA-2026:8315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8315
35
reference_url https://access.redhat.com/errata/RHSA-2026:8427
reference_id RHSA-2026:8427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8427
36
reference_url https://access.redhat.com/errata/RHSA-2026:8850
reference_id RHSA-2026:8850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8850
37
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2017666
reference_id show_bug.cgi?id=2017666
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:49:31Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2017666
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2026-4712
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-efvs-1tuf-guf4
115
url VCID-er9k-vh29-tyed
vulnerability_id VCID-er9k-vh29-tyed
summary Private browsing mode leaves metadata information, such as URLs, for sites visited in browser.db and browser.db-wal files within the Firefox profile after the mode is exited. *Note: This issue only affects Firefox for Android. Other versions and operating systems are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9062
reference_id
reference_type
scores
0
value 0.0008
scoring_system epss
scoring_elements 0.23529
published_at 2026-04-21T12:55:00Z
1
value 0.0008
scoring_system epss
scoring_elements 0.23527
published_at 2026-04-01T12:55:00Z
2
value 0.0008
scoring_system epss
scoring_elements 0.23544
published_at 2026-04-13T12:55:00Z
3
value 0.0008
scoring_system epss
scoring_elements 0.23556
published_at 2026-04-16T12:55:00Z
4
value 0.0008
scoring_system epss
scoring_elements 0.23549
published_at 2026-04-18T12:55:00Z
5
value 0.0008
scoring_system epss
scoring_elements 0.23687
published_at 2026-04-02T12:55:00Z
6
value 0.0008
scoring_system epss
scoring_elements 0.23729
published_at 2026-04-04T12:55:00Z
7
value 0.0008
scoring_system epss
scoring_elements 0.2351
published_at 2026-04-07T12:55:00Z
8
value 0.0008
scoring_system epss
scoring_elements 0.23581
published_at 2026-04-08T12:55:00Z
9
value 0.0008
scoring_system epss
scoring_elements 0.23626
published_at 2026-04-09T12:55:00Z
10
value 0.0008
scoring_system epss
scoring_elements 0.23643
published_at 2026-04-11T12:55:00Z
11
value 0.0008
scoring_system epss
scoring_elements 0.23601
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9062
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1294438
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1294438
2
reference_url https://www.mozilla.org/security/advisories/mfsa2016-89/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-89/
3
reference_url http://www.securityfocus.com/bid/94337
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94337
4
reference_url http://www.securitytracker.com/id/1037298
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037298
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9062
reference_id CVE-2016-9062
reference_type
scores
0
value 2.1
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:P/I:N/A:N
1
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2016-9062
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-89
reference_id mfsa2016-89
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-89
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2016-9062
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-er9k-vh29-tyed
116
url VCID-ewet-6xtr-sqdn
vulnerability_id VCID-ewet-6xtr-sqdn
summary Mozilla Firefox prior to 3.6 has a DoS vulnerability due to an issue in the validation of certificates.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-2669
reference_id
reference_type
scores
0
value 0.00206
scoring_system epss
scoring_elements 0.42925
published_at 2026-04-01T12:55:00Z
1
value 0.00206
scoring_system epss
scoring_elements 0.42989
published_at 2026-04-02T12:55:00Z
2
value 0.00206
scoring_system epss
scoring_elements 0.43016
published_at 2026-04-09T12:55:00Z
3
value 0.00206
scoring_system epss
scoring_elements 0.42953
published_at 2026-04-07T12:55:00Z
4
value 0.00206
scoring_system epss
scoring_elements 0.43003
published_at 2026-04-08T12:55:00Z
5
value 0.00206
scoring_system epss
scoring_elements 0.43038
published_at 2026-04-11T12:55:00Z
6
value 0.00206
scoring_system epss
scoring_elements 0.43004
published_at 2026-04-12T12:55:00Z
7
value 0.00206
scoring_system epss
scoring_elements 0.42987
published_at 2026-04-13T12:55:00Z
8
value 0.00206
scoring_system epss
scoring_elements 0.43047
published_at 2026-04-16T12:55:00Z
9
value 0.00206
scoring_system epss
scoring_elements 0.43035
published_at 2026-04-18T12:55:00Z
10
value 0.00206
scoring_system epss
scoring_elements 0.42971
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-2669
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2011-2669
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ewet-6xtr-sqdn
117
url VCID-f4ja-2ydw-cufu
vulnerability_id VCID-f4ja-2ydw-cufu
summary The executable file warning was not presented when downloading .library-ms files. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11693.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11693.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-11693
reference_id
reference_type
scores
0
value 0.0029
scoring_system epss
scoring_elements 0.52339
published_at 2026-04-02T12:55:00Z
1
value 0.0029
scoring_system epss
scoring_elements 0.52402
published_at 2026-04-13T12:55:00Z
2
value 0.0029
scoring_system epss
scoring_elements 0.52415
published_at 2026-04-12T12:55:00Z
3
value 0.0029
scoring_system epss
scoring_elements 0.52431
published_at 2026-04-11T12:55:00Z
4
value 0.0029
scoring_system epss
scoring_elements 0.52381
published_at 2026-04-09T12:55:00Z
5
value 0.0029
scoring_system epss
scoring_elements 0.52386
published_at 2026-04-08T12:55:00Z
6
value 0.0029
scoring_system epss
scoring_elements 0.52333
published_at 2026-04-07T12:55:00Z
7
value 0.0029
scoring_system epss
scoring_elements 0.52367
published_at 2026-04-04T12:55:00Z
8
value 0.0029
scoring_system epss
scoring_elements 0.52441
published_at 2026-04-16T12:55:00Z
9
value 0.00393
scoring_system epss
scoring_elements 0.60327
published_at 2026-04-18T12:55:00Z
10
value 0.00393
scoring_system epss
scoring_elements 0.60312
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-11693
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2328949
reference_id 2328949
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2328949
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-63
reference_id mfsa2024-63
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-63
5
reference_url https://www.mozilla.org/security/advisories/mfsa2024-63/
reference_id mfsa2024-63
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:32:54Z/
url https://www.mozilla.org/security/advisories/mfsa2024-63/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-64
reference_id mfsa2024-64
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-64
7
reference_url https://www.mozilla.org/security/advisories/mfsa2024-64/
reference_id mfsa2024-64
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:32:54Z/
url https://www.mozilla.org/security/advisories/mfsa2024-64/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-67
reference_id mfsa2024-67
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-67
9
reference_url https://www.mozilla.org/security/advisories/mfsa2024-67/
reference_id mfsa2024-67
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:32:54Z/
url https://www.mozilla.org/security/advisories/mfsa2024-67/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-68
reference_id mfsa2024-68
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-68
11
reference_url https://www.mozilla.org/security/advisories/mfsa2024-68/
reference_id mfsa2024-68
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:32:54Z/
url https://www.mozilla.org/security/advisories/mfsa2024-68/
12
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1921458
reference_id show_bug.cgi?id=1921458
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:32:54Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1921458
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2024-11693
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f4ja-2ydw-cufu
118
url VCID-f8c7-p8nz-bbap
vulnerability_id VCID-f8c7-p8nz-bbap
summary A local attacker can trick the Mozilla Maintenance Service into applying an unsigned update file by pointing the service at an update file on a malicious SMB server. The update file can be replaced after the signature check, before the use, because the write-lock requested by the service does not work on a SMB server.*Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29532.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29532.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-29532
reference_id
reference_type
scores
0
value 0.00075
scoring_system epss
scoring_elements 0.22475
published_at 2026-04-07T12:55:00Z
1
value 0.00075
scoring_system epss
scoring_elements 0.22642
published_at 2026-04-02T12:55:00Z
2
value 0.00075
scoring_system epss
scoring_elements 0.22627
published_at 2026-04-11T12:55:00Z
3
value 0.00075
scoring_system epss
scoring_elements 0.22611
published_at 2026-04-09T12:55:00Z
4
value 0.00075
scoring_system epss
scoring_elements 0.22557
published_at 2026-04-08T12:55:00Z
5
value 0.00075
scoring_system epss
scoring_elements 0.22685
published_at 2026-04-04T12:55:00Z
6
value 0.00079
scoring_system epss
scoring_elements 0.23453
published_at 2026-04-13T12:55:00Z
7
value 0.00079
scoring_system epss
scoring_elements 0.23508
published_at 2026-04-12T12:55:00Z
8
value 0.00085
scoring_system epss
scoring_elements 0.24561
published_at 2026-04-16T12:55:00Z
9
value 0.00085
scoring_system epss
scoring_elements 0.24527
published_at 2026-04-21T12:55:00Z
10
value 0.00085
scoring_system epss
scoring_elements 0.24552
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-29532
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2186100
reference_id 2186100
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2186100
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-13
reference_id mfsa2023-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-13
4
reference_url https://www.mozilla.org/security/advisories/mfsa2023-13/
reference_id mfsa2023-13
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T15:43:12Z/
url https://www.mozilla.org/security/advisories/mfsa2023-13/
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-14
reference_id mfsa2023-14
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-14
6
reference_url https://www.mozilla.org/security/advisories/mfsa2023-14/
reference_id mfsa2023-14
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T15:43:12Z/
url https://www.mozilla.org/security/advisories/mfsa2023-14/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-15
reference_id mfsa2023-15
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-15
8
reference_url https://www.mozilla.org/security/advisories/mfsa2023-15/
reference_id mfsa2023-15
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T15:43:12Z/
url https://www.mozilla.org/security/advisories/mfsa2023-15/
9
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1806394
reference_id show_bug.cgi?id=1806394
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T15:43:12Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1806394
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2023-29532
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f8c7-p8nz-bbap
119
url VCID-f9yy-d81z-1fgz
vulnerability_id VCID-f9yy-d81z-1fgz
summary Starting in Firefox 143, the use of the native messaging API by web extensions on Windows could lead to crashes caused by use-after-free memory corruption.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11719.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11719.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-11719
reference_id
reference_type
scores
0
value 0.00061
scoring_system epss
scoring_elements 0.19009
published_at 2026-04-21T12:55:00Z
1
value 0.00061
scoring_system epss
scoring_elements 0.18992
published_at 2026-04-07T12:55:00Z
2
value 0.00061
scoring_system epss
scoring_elements 0.19071
published_at 2026-04-08T12:55:00Z
3
value 0.00061
scoring_system epss
scoring_elements 0.19124
published_at 2026-04-09T12:55:00Z
4
value 0.00061
scoring_system epss
scoring_elements 0.19131
published_at 2026-04-11T12:55:00Z
5
value 0.00061
scoring_system epss
scoring_elements 0.19084
published_at 2026-04-12T12:55:00Z
6
value 0.00061
scoring_system epss
scoring_elements 0.19031
published_at 2026-04-13T12:55:00Z
7
value 0.00061
scoring_system epss
scoring_elements 0.18987
published_at 2026-04-16T12:55:00Z
8
value 0.00061
scoring_system epss
scoring_elements 0.19
published_at 2026-04-18T12:55:00Z
9
value 0.00061
scoring_system epss
scoring_elements 0.19224
published_at 2026-04-02T12:55:00Z
10
value 0.00061
scoring_system epss
scoring_elements 0.19275
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-11719
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2403764
reference_id 2403764
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2403764
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-81
reference_id mfsa2025-81
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-81
4
reference_url https://www.mozilla.org/security/advisories/mfsa2025-81/
reference_id mfsa2025-81
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:20:54Z/
url https://www.mozilla.org/security/advisories/mfsa2025-81/
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-84
reference_id mfsa2025-84
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-84
6
reference_url https://www.mozilla.org/security/advisories/mfsa2025-84/
reference_id mfsa2025-84
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:20:54Z/
url https://www.mozilla.org/security/advisories/mfsa2025-84/
7
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1991950
reference_id show_bug.cgi?id=1991950
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:20:54Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1991950
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2025-11719
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f9yy-d81z-1fgz
120
url VCID-fgk1-cfpw-pfdn
vulnerability_id VCID-fgk1-cfpw-pfdn
summary When typing in a password under certain conditions, a race may have occurred where the InputContext was not being correctly set for the input field, resulting in the typed passwod being saved to the keyboard dictionary.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-15671
reference_id
reference_type
scores
0
value 0.00141
scoring_system epss
scoring_elements 0.34307
published_at 2026-04-21T12:55:00Z
1
value 0.00141
scoring_system epss
scoring_elements 0.34083
published_at 2026-04-01T12:55:00Z
2
value 0.00141
scoring_system epss
scoring_elements 0.34419
published_at 2026-04-02T12:55:00Z
3
value 0.00141
scoring_system epss
scoring_elements 0.34447
published_at 2026-04-04T12:55:00Z
4
value 0.00141
scoring_system epss
scoring_elements 0.34314
published_at 2026-04-07T12:55:00Z
5
value 0.00141
scoring_system epss
scoring_elements 0.34356
published_at 2026-04-08T12:55:00Z
6
value 0.00141
scoring_system epss
scoring_elements 0.34385
published_at 2026-04-09T12:55:00Z
7
value 0.00141
scoring_system epss
scoring_elements 0.34388
published_at 2026-04-11T12:55:00Z
8
value 0.00141
scoring_system epss
scoring_elements 0.34348
published_at 2026-04-12T12:55:00Z
9
value 0.00141
scoring_system epss
scoring_elements 0.34325
published_at 2026-04-13T12:55:00Z
10
value 0.00141
scoring_system epss
scoring_elements 0.3436
published_at 2026-04-16T12:55:00Z
11
value 0.00141
scoring_system epss
scoring_elements 0.34347
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-15671
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-39
reference_id mfsa2020-39
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-39
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2020-15671
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fgk1-cfpw-pfdn
121
url VCID-frbm-3qry-eygz
vulnerability_id VCID-frbm-3qry-eygz
summary IndexedDB should be cleared when leaving private browsing mode and it is not, the API for WKWebViewConfiguration was being used incorrectly and requires the private instance of this object be deleted when leaving private mode.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-12414
reference_id
reference_type
scores
0
value 0.00186
scoring_system epss
scoring_elements 0.40276
published_at 2026-04-21T12:55:00Z
1
value 0.00186
scoring_system epss
scoring_elements 0.4032
published_at 2026-04-01T12:55:00Z
2
value 0.00186
scoring_system epss
scoring_elements 0.40385
published_at 2026-04-02T12:55:00Z
3
value 0.00186
scoring_system epss
scoring_elements 0.40411
published_at 2026-04-04T12:55:00Z
4
value 0.00186
scoring_system epss
scoring_elements 0.40336
published_at 2026-04-13T12:55:00Z
5
value 0.00186
scoring_system epss
scoring_elements 0.40386
published_at 2026-04-08T12:55:00Z
6
value 0.00186
scoring_system epss
scoring_elements 0.40398
published_at 2026-04-09T12:55:00Z
7
value 0.00186
scoring_system epss
scoring_elements 0.40393
published_at 2026-04-11T12:55:00Z
8
value 0.00186
scoring_system epss
scoring_elements 0.40356
published_at 2026-04-12T12:55:00Z
9
value 0.00186
scoring_system epss
scoring_elements 0.40382
published_at 2026-04-16T12:55:00Z
10
value 0.00186
scoring_system epss
scoring_elements 0.40352
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-12414
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-23
reference_id mfsa2020-23
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-23
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2020-12414
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-frbm-3qry-eygz
122
url VCID-ftv9-7sum-17hm
vulnerability_id VCID-ftv9-7sum-17hm
summary For native-to-JS bridging the app requires a unique token to be passed that ensures non-app code can't call the bridging functions. That token could leak when used for downloading files.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-12404
reference_id
reference_type
scores
0
value 0.00264
scoring_system epss
scoring_elements 0.49894
published_at 2026-04-21T12:55:00Z
1
value 0.00264
scoring_system epss
scoring_elements 0.49819
published_at 2026-04-01T12:55:00Z
2
value 0.00264
scoring_system epss
scoring_elements 0.49857
published_at 2026-04-02T12:55:00Z
3
value 0.00264
scoring_system epss
scoring_elements 0.49885
published_at 2026-04-04T12:55:00Z
4
value 0.00264
scoring_system epss
scoring_elements 0.49836
published_at 2026-04-07T12:55:00Z
5
value 0.00264
scoring_system epss
scoring_elements 0.4989
published_at 2026-04-08T12:55:00Z
6
value 0.00264
scoring_system epss
scoring_elements 0.49884
published_at 2026-04-09T12:55:00Z
7
value 0.00264
scoring_system epss
scoring_elements 0.49902
published_at 2026-04-11T12:55:00Z
8
value 0.00264
scoring_system epss
scoring_elements 0.49874
published_at 2026-04-12T12:55:00Z
9
value 0.00264
scoring_system epss
scoring_elements 0.49875
published_at 2026-04-13T12:55:00Z
10
value 0.00264
scoring_system epss
scoring_elements 0.49921
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-12404
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-19
reference_id mfsa2020-19
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-19
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2020-12404
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ftv9-7sum-17hm
123
url VCID-g2et-bnvt-9fem
vulnerability_id VCID-g2et-bnvt-9fem
summary During the initialization of a new content process, a race condition occurs that can allow a content process to disclose heap addresses from the parent process. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17021.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17021.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-17021
reference_id
reference_type
scores
0
value 0.00472
scoring_system epss
scoring_elements 0.64667
published_at 2026-04-21T12:55:00Z
1
value 0.00472
scoring_system epss
scoring_elements 0.64634
published_at 2026-04-13T12:55:00Z
2
value 0.00472
scoring_system epss
scoring_elements 0.6467
published_at 2026-04-16T12:55:00Z
3
value 0.00472
scoring_system epss
scoring_elements 0.64681
published_at 2026-04-18T12:55:00Z
4
value 0.00472
scoring_system epss
scoring_elements 0.64553
published_at 2026-04-01T12:55:00Z
5
value 0.00472
scoring_system epss
scoring_elements 0.64607
published_at 2026-04-02T12:55:00Z
6
value 0.00472
scoring_system epss
scoring_elements 0.64635
published_at 2026-04-04T12:55:00Z
7
value 0.00472
scoring_system epss
scoring_elements 0.64593
published_at 2026-04-07T12:55:00Z
8
value 0.00472
scoring_system epss
scoring_elements 0.64641
published_at 2026-04-08T12:55:00Z
9
value 0.00472
scoring_system epss
scoring_elements 0.64657
published_at 2026-04-09T12:55:00Z
10
value 0.00472
scoring_system epss
scoring_elements 0.64674
published_at 2026-04-11T12:55:00Z
11
value 0.00472
scoring_system epss
scoring_elements 0.64662
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-17021
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1788725
reference_id 1788725
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1788725
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-01
reference_id mfsa2020-01
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-01
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-02
reference_id mfsa2020-02
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-02
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-04
reference_id mfsa2020-04
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-04
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2019-17021
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g2et-bnvt-9fem
124
url VCID-g4m8-vzbp-cqgq
vulnerability_id VCID-g4m8-vzbp-cqgq
summary A previously installed malicious Android application which defines a specific signature-level permissions used by Firefox can access API keys meant for Firefox only. *Note: This issue only affects Firefox for Android. Other versions and operating systems are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9061
reference_id
reference_type
scores
0
value 0.00822
scoring_system epss
scoring_elements 0.74455
published_at 2026-04-21T12:55:00Z
1
value 0.00822
scoring_system epss
scoring_elements 0.74371
published_at 2026-04-01T12:55:00Z
2
value 0.00822
scoring_system epss
scoring_elements 0.74419
published_at 2026-04-13T12:55:00Z
3
value 0.00822
scoring_system epss
scoring_elements 0.74456
published_at 2026-04-16T12:55:00Z
4
value 0.00822
scoring_system epss
scoring_elements 0.74464
published_at 2026-04-18T12:55:00Z
5
value 0.00822
scoring_system epss
scoring_elements 0.74375
published_at 2026-04-02T12:55:00Z
6
value 0.00822
scoring_system epss
scoring_elements 0.74402
published_at 2026-04-04T12:55:00Z
7
value 0.00822
scoring_system epss
scoring_elements 0.74377
published_at 2026-04-07T12:55:00Z
8
value 0.00822
scoring_system epss
scoring_elements 0.74409
published_at 2026-04-08T12:55:00Z
9
value 0.00822
scoring_system epss
scoring_elements 0.74426
published_at 2026-04-09T12:55:00Z
10
value 0.00822
scoring_system epss
scoring_elements 0.74447
published_at 2026-04-11T12:55:00Z
11
value 0.00822
scoring_system epss
scoring_elements 0.74427
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9061
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1245795
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1245795
2
reference_url https://www.mozilla.org/security/advisories/mfsa2016-89/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-89/
3
reference_url http://www.securityfocus.com/bid/94337
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94337
4
reference_url http://www.securitytracker.com/id/1037298
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037298
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9061
reference_id CVE-2016-9061
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2016-9061
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-89
reference_id mfsa2016-89
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-89
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2016-9061
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g4m8-vzbp-cqgq
125
url VCID-g6zv-3s2h-67ee
vulnerability_id VCID-g6zv-3s2h-67ee
summary When switching between Android apps using the card carousel Firefox shows a black screen as its card image when a password-related screen was the last one being used. Prior to Firefox 144 the password edit screen was visible.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-11717
reference_id
reference_type
scores
0
value 0.00044
scoring_system epss
scoring_elements 0.13418
published_at 2026-04-21T12:55:00Z
1
value 0.00044
scoring_system epss
scoring_elements 0.13552
published_at 2026-04-02T12:55:00Z
2
value 0.00044
scoring_system epss
scoring_elements 0.13516
published_at 2026-04-11T12:55:00Z
3
value 0.00044
scoring_system epss
scoring_elements 0.13478
published_at 2026-04-12T12:55:00Z
4
value 0.00044
scoring_system epss
scoring_elements 0.13432
published_at 2026-04-13T12:55:00Z
5
value 0.00044
scoring_system epss
scoring_elements 0.13344
published_at 2026-04-16T12:55:00Z
6
value 0.00044
scoring_system epss
scoring_elements 0.13342
published_at 2026-04-18T12:55:00Z
7
value 0.00044
scoring_system epss
scoring_elements 0.13614
published_at 2026-04-04T12:55:00Z
8
value 0.00044
scoring_system epss
scoring_elements 0.13411
published_at 2026-04-07T12:55:00Z
9
value 0.00044
scoring_system epss
scoring_elements 0.13492
published_at 2026-04-08T12:55:00Z
10
value 0.00044
scoring_system epss
scoring_elements 0.13542
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-11717
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-81
reference_id mfsa2025-81
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-81
2
reference_url https://www.mozilla.org/security/advisories/mfsa2025-81/
reference_id mfsa2025-81
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:20:29Z/
url https://www.mozilla.org/security/advisories/mfsa2025-81/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1872601
reference_id show_bug.cgi?id=1872601
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:20:29Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1872601
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2025-11717
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g6zv-3s2h-67ee
126
url VCID-g99d-51ht-kbhn
vulnerability_id VCID-g99d-51ht-kbhn
summary The Firefox and Firefox Focus UI for the Android custom tab feature only showed the "site" that was loaded, not the full hostname. User supplied content hosted on a subdomain of a site could have been used to fool a user into thinking it was content from a different subdomain of that site.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-11720
reference_id
reference_type
scores
0
value 0.00043
scoring_system epss
scoring_elements 0.13252
published_at 2026-04-21T12:55:00Z
1
value 0.00043
scoring_system epss
scoring_elements 0.13385
published_at 2026-04-02T12:55:00Z
2
value 0.00043
scoring_system epss
scoring_elements 0.13328
published_at 2026-04-08T12:55:00Z
3
value 0.00043
scoring_system epss
scoring_elements 0.13378
published_at 2026-04-09T12:55:00Z
4
value 0.00043
scoring_system epss
scoring_elements 0.13347
published_at 2026-04-11T12:55:00Z
5
value 0.00043
scoring_system epss
scoring_elements 0.1331
published_at 2026-04-12T12:55:00Z
6
value 0.00043
scoring_system epss
scoring_elements 0.13261
published_at 2026-04-13T12:55:00Z
7
value 0.00043
scoring_system epss
scoring_elements 0.13167
published_at 2026-04-16T12:55:00Z
8
value 0.00043
scoring_system epss
scoring_elements 0.13166
published_at 2026-04-18T12:55:00Z
9
value 0.00043
scoring_system epss
scoring_elements 0.1345
published_at 2026-04-04T12:55:00Z
10
value 0.00043
scoring_system epss
scoring_elements 0.13246
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-11720
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-81
reference_id mfsa2025-81
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-81
2
reference_url https://www.mozilla.org/security/advisories/mfsa2025-81/
reference_id mfsa2025-81
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:18:34Z/
url https://www.mozilla.org/security/advisories/mfsa2025-81/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1979534
reference_id show_bug.cgi?id=1979534
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:18:34Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1979534
4
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1984370
reference_id show_bug.cgi?id=1984370
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:18:34Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1984370
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2025-11720
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g99d-51ht-kbhn
127
url VCID-gdkx-hymn-qfbh
vulnerability_id VCID-gdkx-hymn-qfbh
summary When Python was installed on Windows, a python file being served with the MIME type of text/plain could be executed by Python instead of being opened as a text file when the Open option was selected upon download. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-17019
reference_id
reference_type
scores
0
value 0.00479
scoring_system epss
scoring_elements 0.65072
published_at 2026-04-21T12:55:00Z
1
value 0.00479
scoring_system epss
scoring_elements 0.64958
published_at 2026-04-01T12:55:00Z
2
value 0.00479
scoring_system epss
scoring_elements 0.65009
published_at 2026-04-02T12:55:00Z
3
value 0.00479
scoring_system epss
scoring_elements 0.65036
published_at 2026-04-04T12:55:00Z
4
value 0.00479
scoring_system epss
scoring_elements 0.64998
published_at 2026-04-07T12:55:00Z
5
value 0.00479
scoring_system epss
scoring_elements 0.65047
published_at 2026-04-08T12:55:00Z
6
value 0.00479
scoring_system epss
scoring_elements 0.65061
published_at 2026-04-09T12:55:00Z
7
value 0.00479
scoring_system epss
scoring_elements 0.65079
published_at 2026-04-11T12:55:00Z
8
value 0.00479
scoring_system epss
scoring_elements 0.65069
published_at 2026-04-12T12:55:00Z
9
value 0.00479
scoring_system epss
scoring_elements 0.65041
published_at 2026-04-13T12:55:00Z
10
value 0.00479
scoring_system epss
scoring_elements 0.65078
published_at 2026-04-16T12:55:00Z
11
value 0.00479
scoring_system epss
scoring_elements 0.65088
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-17019
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-01
reference_id mfsa2020-01
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-01
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2019-17019
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gdkx-hymn-qfbh
128
url VCID-gu5n-35b2-a3am
vulnerability_id VCID-gu5n-35b2-a3am
summary 
Multiple vulnerabilities have been found in Mozilla Firefox and
    Thunderbird the worst of which could lead to the execution of arbitrary
    code.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2839.json
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2839.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2839
reference_id
reference_type
scores
0
value 0.00748
scoring_system epss
scoring_elements 0.73044
published_at 2026-04-01T12:55:00Z
1
value 0.00748
scoring_system epss
scoring_elements 0.7314
published_at 2026-04-21T12:55:00Z
2
value 0.00748
scoring_system epss
scoring_elements 0.73102
published_at 2026-04-12T12:55:00Z
3
value 0.00748
scoring_system epss
scoring_elements 0.73096
published_at 2026-04-13T12:55:00Z
4
value 0.00748
scoring_system epss
scoring_elements 0.73139
published_at 2026-04-16T12:55:00Z
5
value 0.00748
scoring_system epss
scoring_elements 0.73148
published_at 2026-04-18T12:55:00Z
6
value 0.00748
scoring_system epss
scoring_elements 0.73053
published_at 2026-04-02T12:55:00Z
7
value 0.00748
scoring_system epss
scoring_elements 0.73074
published_at 2026-04-04T12:55:00Z
8
value 0.00748
scoring_system epss
scoring_elements 0.73048
published_at 2026-04-07T12:55:00Z
9
value 0.00748
scoring_system epss
scoring_elements 0.73085
published_at 2026-04-08T12:55:00Z
10
value 0.00748
scoring_system epss
scoring_elements 0.73098
published_at 2026-04-09T12:55:00Z
11
value 0.00748
scoring_system epss
scoring_elements 0.73122
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2839
4
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1275339
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1275339
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url http://www.mozilla.org/security/announce/2016/mfsa2016-65.html
reference_id
reference_type
scores
url http://www.mozilla.org/security/announce/2016/mfsa2016-65.html
7
reference_url http://www.securityfocus.com/bid/92261
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/92261
8
reference_url http://www.securitytracker.com/id/1036508
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1036508
9
reference_url http://www.ubuntu.com/usn/USN-3044-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-3044-1
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1361977
reference_id 1361977
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1361977
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:0.10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:ffmpeg:ffmpeg:0.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:0.10:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.2.0:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.3.0:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
reference_id cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2839
reference_id CVE-2016-2839
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2839
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-2839
reference_id CVE-2016-2839
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
1
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-2839
20
reference_url https://security.gentoo.org/glsa/201701-15
reference_id GLSA-201701-15
reference_type
scores
url https://security.gentoo.org/glsa/201701-15
21
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-65
reference_id mfsa2016-65
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-65
22
reference_url https://usn.ubuntu.com/3044-1/
reference_id USN-3044-1
reference_type
scores
url https://usn.ubuntu.com/3044-1/
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2016-2839
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gu5n-35b2-a3am
129
url VCID-gxza-vbmf-tke7
vulnerability_id VCID-gxza-vbmf-tke7
summary Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could result in arbitrary code execution.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-25749
reference_id
reference_type
scores
0
value 0.00168
scoring_system epss
scoring_elements 0.37913
published_at 2026-04-21T12:55:00Z
1
value 0.00168
scoring_system epss
scoring_elements 0.38028
published_at 2026-04-02T12:55:00Z
2
value 0.00168
scoring_system epss
scoring_elements 0.38011
published_at 2026-04-11T12:55:00Z
3
value 0.00168
scoring_system epss
scoring_elements 0.37974
published_at 2026-04-12T12:55:00Z
4
value 0.00168
scoring_system epss
scoring_elements 0.3795
published_at 2026-04-13T12:55:00Z
5
value 0.00168
scoring_system epss
scoring_elements 0.37995
published_at 2026-04-16T12:55:00Z
6
value 0.00168
scoring_system epss
scoring_elements 0.37975
published_at 2026-04-18T12:55:00Z
7
value 0.00168
scoring_system epss
scoring_elements 0.38054
published_at 2026-04-04T12:55:00Z
8
value 0.00168
scoring_system epss
scoring_elements 0.37933
published_at 2026-04-07T12:55:00Z
9
value 0.00168
scoring_system epss
scoring_elements 0.37983
published_at 2026-04-08T12:55:00Z
10
value 0.00168
scoring_system epss
scoring_elements 0.37994
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-25749
1
reference_url https://security.gentoo.org/glsa/202305-35
reference_id GLSA-202305-35
reference_type
scores
url https://security.gentoo.org/glsa/202305-35
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-09
reference_id mfsa2023-09
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-09
3
reference_url https://www.mozilla.org/security/advisories/mfsa2023-09/
reference_id mfsa2023-09
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T18:54:51Z/
url https://www.mozilla.org/security/advisories/mfsa2023-09/
4
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1810705
reference_id show_bug.cgi?id=1810705
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T18:54:51Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1810705
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2023-25749
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gxza-vbmf-tke7
130
url VCID-h1bz-r5pa-9fbw
vulnerability_id VCID-h1bz-r5pa-9fbw
summary Under certain circumstances, a user opt-in setting that Focus should require authentication before use could have been be bypassed.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0245.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0245.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-0245
reference_id
reference_type
scores
0
value 9e-05
scoring_system epss
scoring_elements 0.00965
published_at 2026-04-21T12:55:00Z
1
value 9e-05
scoring_system epss
scoring_elements 0.00925
published_at 2026-04-09T12:55:00Z
2
value 9e-05
scoring_system epss
scoring_elements 0.00914
published_at 2026-04-11T12:55:00Z
3
value 9e-05
scoring_system epss
scoring_elements 0.00909
published_at 2026-04-12T12:55:00Z
4
value 9e-05
scoring_system epss
scoring_elements 0.0091
published_at 2026-04-13T12:55:00Z
5
value 9e-05
scoring_system epss
scoring_elements 0.00907
published_at 2026-04-16T12:55:00Z
6
value 9e-05
scoring_system epss
scoring_elements 0.00915
published_at 2026-04-18T12:55:00Z
7
value 9e-05
scoring_system epss
scoring_elements 0.00921
published_at 2026-04-02T12:55:00Z
8
value 9e-05
scoring_system epss
scoring_elements 0.00922
published_at 2026-04-04T12:55:00Z
9
value 9e-05
scoring_system epss
scoring_elements 0.00926
published_at 2026-04-07T12:55:00Z
10
value 9e-05
scoring_system epss
scoring_elements 0.00929
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-0245
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2336172
reference_id 2336172
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2336172
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-01
reference_id mfsa2025-01
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-01
5
reference_url https://www.mozilla.org/security/advisories/mfsa2025-01/
reference_id mfsa2025-01
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T15:32:24Z/
url https://www.mozilla.org/security/advisories/mfsa2025-01/
6
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1895342
reference_id show_bug.cgi?id=1895342
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T15:32:24Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1895342
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2025-0245
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h1bz-r5pa-9fbw
131
url VCID-hgx7-ubwk-wkdj
vulnerability_id VCID-hgx7-ubwk-wkdj
summary Mozilla Firefox 1.5.0.1, and possibly other versions, preserves some records of user activity even after uninstalling, which allows local users who share a Windows profile to view the records after a new installation of Firefox, as reported for the list of Passwords Never Saved web sites. NOTE: The vendor has disputed this issue, stating that "The uninstaller is primarily there to uninstall the application. It is not there to uninstall user data. For the moment I will stick by my module-owner decision.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2004-2657
reference_id
reference_type
scores
0
value 0.00146
scoring_system epss
scoring_elements 0.3484
published_at 2026-04-01T12:55:00Z
1
value 0.00146
scoring_system epss
scoring_elements 0.35038
published_at 2026-04-02T12:55:00Z
2
value 0.00146
scoring_system epss
scoring_elements 0.35065
published_at 2026-04-04T12:55:00Z
3
value 0.00146
scoring_system epss
scoring_elements 0.34944
published_at 2026-04-07T12:55:00Z
4
value 0.00146
scoring_system epss
scoring_elements 0.3499
published_at 2026-04-08T12:55:00Z
5
value 0.00146
scoring_system epss
scoring_elements 0.35018
published_at 2026-04-09T12:55:00Z
6
value 0.00146
scoring_system epss
scoring_elements 0.35022
published_at 2026-04-11T12:55:00Z
7
value 0.00146
scoring_system epss
scoring_elements 0.34986
published_at 2026-04-12T12:55:00Z
8
value 0.00146
scoring_system epss
scoring_elements 0.34963
published_at 2026-04-13T12:55:00Z
9
value 0.00146
scoring_system epss
scoring_elements 0.35002
published_at 2026-04-16T12:55:00Z
10
value 0.00146
scoring_system epss
scoring_elements 0.34985
published_at 2026-04-18T12:55:00Z
11
value 0.00146
scoring_system epss
scoring_elements 0.34942
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2004-2657
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2004-2657
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hgx7-ubwk-wkdj
132
url VCID-hhad-uy4u-xkak
vulnerability_id VCID-hhad-uy4u-xkak
summary When the RSS Feed preview about:feeds page is framed within another page, it can be used in concert with scripted content for a clickjacking attack that confuses users into downloading and executing an executable file from a temporary directory. *Note: This issue only affects Windows operating systems. Other operating systems are not affected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-18496
reference_id
reference_type
scores
0
value 0.00417
scoring_system epss
scoring_elements 0.61768
published_at 2026-04-21T12:55:00Z
1
value 0.00417
scoring_system epss
scoring_elements 0.6161
published_at 2026-04-01T12:55:00Z
2
value 0.00417
scoring_system epss
scoring_elements 0.61739
published_at 2026-04-13T12:55:00Z
3
value 0.00417
scoring_system epss
scoring_elements 0.6178
published_at 2026-04-16T12:55:00Z
4
value 0.00417
scoring_system epss
scoring_elements 0.61786
published_at 2026-04-18T12:55:00Z
5
value 0.00417
scoring_system epss
scoring_elements 0.61684
published_at 2026-04-02T12:55:00Z
6
value 0.00417
scoring_system epss
scoring_elements 0.61714
published_at 2026-04-04T12:55:00Z
7
value 0.00417
scoring_system epss
scoring_elements 0.61685
published_at 2026-04-07T12:55:00Z
8
value 0.00417
scoring_system epss
scoring_elements 0.61734
published_at 2026-04-08T12:55:00Z
9
value 0.00417
scoring_system epss
scoring_elements 0.61749
published_at 2026-04-09T12:55:00Z
10
value 0.00417
scoring_system epss
scoring_elements 0.61771
published_at 2026-04-11T12:55:00Z
11
value 0.00417
scoring_system epss
scoring_elements 0.61758
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-18496
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1422231
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1422231
2
reference_url https://www.mozilla.org/security/advisories/mfsa2018-29/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2018-29/
3
reference_url http://www.securityfocus.com/bid/106167
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/106167
4
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-18496
reference_id CVE-2018-18496
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
1
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2018-18496
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2018-29
reference_id mfsa2018-29
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2018-29
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2018-18496
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hhad-uy4u-xkak
133
url VCID-hmtb-36h7-3uaj
vulnerability_id VCID-hmtb-36h7-3uaj
summary A select option could partially obscure the confirmation prompt shown before launching external apps. This could be used to trick a user in to launching an external app unexpectedly. *This issue only affects Android versions of Firefox.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1940.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1940.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-1940
reference_id
reference_type
scores
0
value 0.00097
scoring_system epss
scoring_elements 0.26882
published_at 2026-04-02T12:55:00Z
1
value 0.00097
scoring_system epss
scoring_elements 0.26823
published_at 2026-04-11T12:55:00Z
2
value 0.00097
scoring_system epss
scoring_elements 0.26917
published_at 2026-04-04T12:55:00Z
3
value 0.00097
scoring_system epss
scoring_elements 0.26703
published_at 2026-04-07T12:55:00Z
4
value 0.00097
scoring_system epss
scoring_elements 0.26771
published_at 2026-04-08T12:55:00Z
5
value 0.00097
scoring_system epss
scoring_elements 0.26819
published_at 2026-04-09T12:55:00Z
6
value 0.00276
scoring_system epss
scoring_elements 0.51074
published_at 2026-04-18T12:55:00Z
7
value 0.00276
scoring_system epss
scoring_elements 0.51068
published_at 2026-04-16T12:55:00Z
8
value 0.00276
scoring_system epss
scoring_elements 0.5103
published_at 2026-04-13T12:55:00Z
9
value 0.00276
scoring_system epss
scoring_elements 0.51046
published_at 2026-04-12T12:55:00Z
10
value 0.00283
scoring_system epss
scoring_elements 0.51772
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-1940
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2349788
reference_id 2349788
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2349788
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-14
reference_id mfsa2025-14
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-14
4
reference_url https://www.mozilla.org/security/advisories/mfsa2025-14/
reference_id mfsa2025-14
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:55:08Z/
url https://www.mozilla.org/security/advisories/mfsa2025-14/
5
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1908488
reference_id show_bug.cgi?id=1908488
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:55:08Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1908488
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2025-1940
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hmtb-36h7-3uaj
134
url VCID-hr2p-k95n-pbg3
vulnerability_id VCID-hr2p-k95n-pbg3
summary The session restore helper crashed whenever there was no parameter sent to the message handler.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-37456
reference_id
reference_type
scores
0
value 0.00413
scoring_system epss
scoring_elements 0.61551
published_at 2026-04-21T12:55:00Z
1
value 0.00413
scoring_system epss
scoring_elements 0.61562
published_at 2026-04-16T12:55:00Z
2
value 0.00413
scoring_system epss
scoring_elements 0.61567
published_at 2026-04-18T12:55:00Z
3
value 0.00586
scoring_system epss
scoring_elements 0.6905
published_at 2026-04-04T12:55:00Z
4
value 0.00586
scoring_system epss
scoring_elements 0.69029
published_at 2026-04-02T12:55:00Z
5
value 0.00732
scoring_system epss
scoring_elements 0.72707
published_at 2026-04-13T12:55:00Z
6
value 0.00732
scoring_system epss
scoring_elements 0.7271
published_at 2026-04-09T12:55:00Z
7
value 0.00732
scoring_system epss
scoring_elements 0.72658
published_at 2026-04-07T12:55:00Z
8
value 0.00732
scoring_system epss
scoring_elements 0.72697
published_at 2026-04-08T12:55:00Z
9
value 0.00732
scoring_system epss
scoring_elements 0.72734
published_at 2026-04-11T12:55:00Z
10
value 0.00732
scoring_system epss
scoring_elements 0.72717
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-37456
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-25
reference_id mfsa2023-25
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-25
2
reference_url https://www.mozilla.org/security/advisories/mfsa2023-25/
reference_id mfsa2023-25
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-07T16:45:49Z/
url https://www.mozilla.org/security/advisories/mfsa2023-25/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1795496
reference_id show_bug.cgi?id=1795496
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-07T16:45:49Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1795496
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2023-37456
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hr2p-k95n-pbg3
135
url VCID-hs7f-4tav-dfcv
vulnerability_id VCID-hs7f-4tav-dfcv
summary When a malicious application installed on the user's device broadcast an Intent to Firefox for Android, arbitrary headers could have been specified, leading to attacks such as abusing ambient authority or session fixation. This was resolved by only allowing certain safe-listed headers.*Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-26975
reference_id
reference_type
scores
0
value 0.00379
scoring_system epss
scoring_elements 0.59463
published_at 2026-04-21T12:55:00Z
1
value 0.00379
scoring_system epss
scoring_elements 0.5933
published_at 2026-04-01T12:55:00Z
2
value 0.00379
scoring_system epss
scoring_elements 0.59473
published_at 2026-04-16T12:55:00Z
3
value 0.00379
scoring_system epss
scoring_elements 0.5948
published_at 2026-04-18T12:55:00Z
4
value 0.00379
scoring_system epss
scoring_elements 0.59403
published_at 2026-04-02T12:55:00Z
5
value 0.00379
scoring_system epss
scoring_elements 0.59427
published_at 2026-04-04T12:55:00Z
6
value 0.00379
scoring_system epss
scoring_elements 0.59393
published_at 2026-04-07T12:55:00Z
7
value 0.00379
scoring_system epss
scoring_elements 0.59443
published_at 2026-04-08T12:55:00Z
8
value 0.00379
scoring_system epss
scoring_elements 0.59457
published_at 2026-04-09T12:55:00Z
9
value 0.00379
scoring_system epss
scoring_elements 0.59476
published_at 2026-04-11T12:55:00Z
10
value 0.00379
scoring_system epss
scoring_elements 0.59459
published_at 2026-04-12T12:55:00Z
11
value 0.00379
scoring_system epss
scoring_elements 0.59441
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-26975
1
reference_url https://security.archlinux.org/AVG-1363
reference_id AVG-1363
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1363
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-54
reference_id mfsa2020-54
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-54
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2020-26975
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hs7f-4tav-dfcv
136
url VCID-hu6v-g43k-9uep
vulnerability_id VCID-hu6v-g43k-9uep
summary Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9395.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9395.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-9395
reference_id
reference_type
scores
0
value 0.00286
scoring_system epss
scoring_elements 0.521
published_at 2026-04-21T12:55:00Z
1
value 0.00286
scoring_system epss
scoring_elements 0.52056
published_at 2026-04-09T12:55:00Z
2
value 0.00286
scoring_system epss
scoring_elements 0.52108
published_at 2026-04-11T12:55:00Z
3
value 0.00286
scoring_system epss
scoring_elements 0.52091
published_at 2026-04-12T12:55:00Z
4
value 0.00286
scoring_system epss
scoring_elements 0.52074
published_at 2026-04-13T12:55:00Z
5
value 0.00286
scoring_system epss
scoring_elements 0.52114
published_at 2026-04-16T12:55:00Z
6
value 0.00286
scoring_system epss
scoring_elements 0.52118
published_at 2026-04-18T12:55:00Z
7
value 0.00286
scoring_system epss
scoring_elements 0.52013
published_at 2026-04-02T12:55:00Z
8
value 0.00286
scoring_system epss
scoring_elements 0.52039
published_at 2026-04-04T12:55:00Z
9
value 0.00286
scoring_system epss
scoring_elements 0.52005
published_at 2026-04-07T12:55:00Z
10
value 0.00286
scoring_system epss
scoring_elements 0.52059
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-9395
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2315958
reference_id 2315958
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2315958
4
reference_url https://security.gentoo.org/glsa/202412-04
reference_id GLSA-202412-04
reference_type
scores
url https://security.gentoo.org/glsa/202412-04
5
reference_url https://security.gentoo.org/glsa/202412-06
reference_id GLSA-202412-06
reference_type
scores
url https://security.gentoo.org/glsa/202412-06
6
reference_url https://security.gentoo.org/glsa/202505-08
reference_id GLSA-202505-08
reference_type
scores
url https://security.gentoo.org/glsa/202505-08
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-46
reference_id mfsa2024-46
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-46
8
reference_url https://www.mozilla.org/security/advisories/mfsa2024-46/
reference_id mfsa2024-46
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:40:46Z/
url https://www.mozilla.org/security/advisories/mfsa2024-46/
9
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1906024
reference_id show_bug.cgi?id=1906024
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T18:40:46Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1906024
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2024-9395
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hu6v-g43k-9uep
137
url VCID-hwdb-ww2n-fqdq
vulnerability_id VCID-hwdb-ww2n-fqdq
summary A spoofing vulnerability can occur when a page switches to fullscreen mode without user notification, allowing a fake address bar to be displayed. This allows an attacker to spoof which page is actually loaded and in use. *Note: This attack only affects Firefox for Android. Other operating systems are not affected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7817
reference_id
reference_type
scores
0
value 0.00882
scoring_system epss
scoring_elements 0.75421
published_at 2026-04-21T12:55:00Z
1
value 0.00882
scoring_system epss
scoring_elements 0.75329
published_at 2026-04-01T12:55:00Z
2
value 0.00882
scoring_system epss
scoring_elements 0.75384
published_at 2026-04-13T12:55:00Z
3
value 0.00882
scoring_system epss
scoring_elements 0.75425
published_at 2026-04-16T12:55:00Z
4
value 0.00882
scoring_system epss
scoring_elements 0.75432
published_at 2026-04-18T12:55:00Z
5
value 0.00882
scoring_system epss
scoring_elements 0.75332
published_at 2026-04-02T12:55:00Z
6
value 0.00882
scoring_system epss
scoring_elements 0.75364
published_at 2026-04-04T12:55:00Z
7
value 0.00882
scoring_system epss
scoring_elements 0.75344
published_at 2026-04-07T12:55:00Z
8
value 0.00882
scoring_system epss
scoring_elements 0.75387
published_at 2026-04-08T12:55:00Z
9
value 0.00882
scoring_system epss
scoring_elements 0.75397
published_at 2026-04-09T12:55:00Z
10
value 0.00882
scoring_system epss
scoring_elements 0.75417
published_at 2026-04-11T12:55:00Z
11
value 0.00882
scoring_system epss
scoring_elements 0.75395
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7817
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1356596
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1356596
2
reference_url https://www.mozilla.org/security/advisories/mfsa2017-21/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-21/
3
reference_url http://www.securityfocus.com/bid/101057
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/101057
4
reference_url http://www.securitytracker.com/id/1039465
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1039465
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:*:*:*:*:*:*:*:*
reference_id cpe:2.3:o:google:android:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:*:*:*:*:*:*:*:*
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-7817
reference_id CVE-2017-7817
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2017-7817
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-21
reference_id mfsa2017-21
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-21
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2017-7817
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hwdb-ww2n-fqdq
138
url VCID-hzj6-1jkf-h3ef
vulnerability_id VCID-hzj6-1jkf-h3ef
summary
references
0
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
reference_id mfsa2026-30
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-30
1
reference_url https://www.mozilla.org/security/advisories/mfsa2026-30/
reference_id mfsa2026-30
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:29:47Z/
url https://www.mozilla.org/security/advisories/mfsa2026-30/
2
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1992585
reference_id show_bug.cgi?id=1992585
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:29:47Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1992585
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
aliases CVE-2026-6756
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hzj6-1jkf-h3ef
139
url VCID-j2ax-jb2h-byeu
vulnerability_id VCID-j2ax-jb2h-byeu
summary Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4052.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4052.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-4052
reference_id
reference_type
scores
0
value 0.00179
scoring_system epss
scoring_elements 0.39393
published_at 2026-04-21T12:55:00Z
1
value 0.00179
scoring_system epss
scoring_elements 0.39484
published_at 2026-04-08T12:55:00Z
2
value 0.00179
scoring_system epss
scoring_elements 0.395
published_at 2026-04-09T12:55:00Z
3
value 0.00179
scoring_system epss
scoring_elements 0.3951
published_at 2026-04-11T12:55:00Z
4
value 0.00179
scoring_system epss
scoring_elements 0.39472
published_at 2026-04-12T12:55:00Z
5
value 0.00179
scoring_system epss
scoring_elements 0.39455
published_at 2026-04-13T12:55:00Z
6
value 0.00179
scoring_system epss
scoring_elements 0.39506
published_at 2026-04-16T12:55:00Z
7
value 0.00179
scoring_system epss
scoring_elements 0.39478
published_at 2026-04-18T12:55:00Z
8
value 0.00179
scoring_system epss
scoring_elements 0.39491
published_at 2026-04-02T12:55:00Z
9
value 0.00179
scoring_system epss
scoring_elements 0.39515
published_at 2026-04-04T12:55:00Z
10
value 0.00179
scoring_system epss
scoring_elements 0.39429
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-4052
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2228369
reference_id 2228369
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2228369
3
reference_url https://security.gentoo.org/glsa/202402-25
reference_id GLSA-202402-25
reference_type
scores
url https://security.gentoo.org/glsa/202402-25
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-29
reference_id mfsa2023-29
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-29
5
reference_url https://www.mozilla.org/security/advisories/mfsa2023-29/
reference_id mfsa2023-29
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:38:55Z/
url https://www.mozilla.org/security/advisories/mfsa2023-29/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-31
reference_id mfsa2023-31
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-31
7
reference_url https://www.mozilla.org/security/advisories/mfsa2023-31/
reference_id mfsa2023-31
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:38:55Z/
url https://www.mozilla.org/security/advisories/mfsa2023-31/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-33
reference_id mfsa2023-33
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-33
9
reference_url https://www.mozilla.org/security/advisories/mfsa2023-33/
reference_id mfsa2023-33
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:38:55Z/
url https://www.mozilla.org/security/advisories/mfsa2023-33/
10
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1824420
reference_id show_bug.cgi?id=1824420
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:38:55Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1824420
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2023-4052
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j2ax-jb2h-byeu
140
url VCID-j2ga-ggcd-fkg1
vulnerability_id VCID-j2ga-ggcd-fkg1
summary 
Multiple vulnerabilities have been found in Mozilla Firefox and
    Thunderbird the worst of which could lead to the execution of arbitrary
    code.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2016-0695.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-0695.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2016-1041.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-1041.html
5
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2805.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2805.json
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2805
reference_id
reference_type
scores
0
value 0.00922
scoring_system epss
scoring_elements 0.76008
published_at 2026-04-21T12:55:00Z
1
value 0.00922
scoring_system epss
scoring_elements 0.75924
published_at 2026-04-01T12:55:00Z
2
value 0.00922
scoring_system epss
scoring_elements 0.75988
published_at 2026-04-12T12:55:00Z
3
value 0.00922
scoring_system epss
scoring_elements 0.75981
published_at 2026-04-13T12:55:00Z
4
value 0.00922
scoring_system epss
scoring_elements 0.76021
published_at 2026-04-16T12:55:00Z
5
value 0.00922
scoring_system epss
scoring_elements 0.76024
published_at 2026-04-18T12:55:00Z
6
value 0.00922
scoring_system epss
scoring_elements 0.75928
published_at 2026-04-02T12:55:00Z
7
value 0.00922
scoring_system epss
scoring_elements 0.7596
published_at 2026-04-04T12:55:00Z
8
value 0.00922
scoring_system epss
scoring_elements 0.75939
published_at 2026-04-07T12:55:00Z
9
value 0.00922
scoring_system epss
scoring_elements 0.75972
published_at 2026-04-08T12:55:00Z
10
value 0.00922
scoring_system epss
scoring_elements 0.75986
published_at 2026-04-09T12:55:00Z
11
value 0.00922
scoring_system epss
scoring_elements 0.76011
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2805
7
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1241731
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1241731
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2808
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2808
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2814
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2814
12
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
13
reference_url http://www.debian.org/security/2016/dsa-3559
reference_id
reference_type
scores
url http://www.debian.org/security/2016/dsa-3559
14
reference_url http://www.debian.org/security/2016/dsa-3576
reference_id
reference_type
scores
url http://www.debian.org/security/2016/dsa-3576
15
reference_url http://www.mozilla.org/security/announce/2016/mfsa2016-39.html
reference_id
reference_type
scores
url http://www.mozilla.org/security/announce/2016/mfsa2016-39.html
16
reference_url http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
17
reference_url http://www.securitytracker.com/id/1035692
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1035692
18
reference_url http://www.ubuntu.com/usn/USN-2973-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-2973-1
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1330266
reference_id 1330266
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1330266
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.0:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:38.7.1:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-2805
reference_id CVE-2016-2805
reference_type
scores
0
value 10.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:C/I:C/A:C
1
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-2805
36
reference_url https://security.gentoo.org/glsa/201701-15
reference_id GLSA-201701-15
reference_type
scores
url https://security.gentoo.org/glsa/201701-15
37
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-39
reference_id mfsa2016-39
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-39
38
reference_url https://access.redhat.com/errata/RHSA-2016:0695
reference_id RHSA-2016:0695
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0695
39
reference_url https://access.redhat.com/errata/RHSA-2016:1041
reference_id RHSA-2016:1041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1041
40
reference_url https://usn.ubuntu.com/2973-1/
reference_id USN-2973-1
reference_type
scores
url https://usn.ubuntu.com/2973-1/
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2016-2805
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j2ga-ggcd-fkg1
141
url VCID-j921-2uvd-kked
vulnerability_id VCID-j921-2uvd-kked
summary Dragging Javascript URLs to the address bar could cause them to be loaded, bypassing restrictions and security protections
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-31393
reference_id
reference_type
scores
0
value 0.00136
scoring_system epss
scoring_elements 0.33293
published_at 2026-04-21T12:55:00Z
1
value 0.00136
scoring_system epss
scoring_elements 0.33378
published_at 2026-04-11T12:55:00Z
2
value 0.00136
scoring_system epss
scoring_elements 0.33336
published_at 2026-04-12T12:55:00Z
3
value 0.00136
scoring_system epss
scoring_elements 0.33313
published_at 2026-04-13T12:55:00Z
4
value 0.00136
scoring_system epss
scoring_elements 0.33353
published_at 2026-04-16T12:55:00Z
5
value 0.00136
scoring_system epss
scoring_elements 0.33329
published_at 2026-04-18T12:55:00Z
6
value 0.00136
scoring_system epss
scoring_elements 0.33428
published_at 2026-04-02T12:55:00Z
7
value 0.00136
scoring_system epss
scoring_elements 0.33459
published_at 2026-04-04T12:55:00Z
8
value 0.00136
scoring_system epss
scoring_elements 0.33297
published_at 2026-04-07T12:55:00Z
9
value 0.00136
scoring_system epss
scoring_elements 0.33341
published_at 2026-04-08T12:55:00Z
10
value 0.00136
scoring_system epss
scoring_elements 0.33375
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-31393
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-17
reference_id mfsa2024-17
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-17
2
reference_url https://www.mozilla.org/security/advisories/mfsa2024-17/
reference_id mfsa2024-17
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-03T18:14:32Z/
url https://www.mozilla.org/security/advisories/mfsa2024-17/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1879739
reference_id show_bug.cgi?id=1879739
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-03T18:14:32Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1879739
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2024-31393
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j921-2uvd-kked
142
url VCID-jeja-pgsz-2uaq
vulnerability_id VCID-jeja-pgsz-2uaq
summary 
Multiple vulnerabilities have been found in Mozilla Firefox, the
    worst of which could result in the arbitrary execution of code.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-23976
reference_id
reference_type
scores
0
value 0.00332
scoring_system epss
scoring_elements 0.56095
published_at 2026-04-21T12:55:00Z
1
value 0.00332
scoring_system epss
scoring_elements 0.55948
published_at 2026-04-01T12:55:00Z
2
value 0.00332
scoring_system epss
scoring_elements 0.56087
published_at 2026-04-13T12:55:00Z
3
value 0.00332
scoring_system epss
scoring_elements 0.56122
published_at 2026-04-16T12:55:00Z
4
value 0.00332
scoring_system epss
scoring_elements 0.56124
published_at 2026-04-18T12:55:00Z
5
value 0.00332
scoring_system epss
scoring_elements 0.5606
published_at 2026-04-02T12:55:00Z
6
value 0.00332
scoring_system epss
scoring_elements 0.56081
published_at 2026-04-04T12:55:00Z
7
value 0.00332
scoring_system epss
scoring_elements 0.56059
published_at 2026-04-07T12:55:00Z
8
value 0.00332
scoring_system epss
scoring_elements 0.5611
published_at 2026-04-08T12:55:00Z
9
value 0.00332
scoring_system epss
scoring_elements 0.56116
published_at 2026-04-09T12:55:00Z
10
value 0.00332
scoring_system epss
scoring_elements 0.56127
published_at 2026-04-11T12:55:00Z
11
value 0.00332
scoring_system epss
scoring_elements 0.56104
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-23976
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://security.archlinux.org/AVG-1600
reference_id AVG-1600
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1600
3
reference_url https://security.gentoo.org/glsa/202104-10
reference_id GLSA-202104-10
reference_type
scores
url https://security.gentoo.org/glsa/202104-10
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-07
reference_id mfsa2021-07
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-07
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2021-23976
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jeja-pgsz-2uaq
143
url VCID-jf6r-vdhm-tyfr
vulnerability_id VCID-jf6r-vdhm-tyfr
summary An XSS bug in internal error pages could have led to various spoofing attacks, including other error pages and the address bar.*Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-23959
reference_id
reference_type
scores
0
value 0.003
scoring_system epss
scoring_elements 0.53408
published_at 2026-04-21T12:55:00Z
1
value 0.003
scoring_system epss
scoring_elements 0.533
published_at 2026-04-01T12:55:00Z
2
value 0.003
scoring_system epss
scoring_elements 0.53422
published_at 2026-04-16T12:55:00Z
3
value 0.003
scoring_system epss
scoring_elements 0.53428
published_at 2026-04-18T12:55:00Z
4
value 0.003
scoring_system epss
scoring_elements 0.53322
published_at 2026-04-02T12:55:00Z
5
value 0.003
scoring_system epss
scoring_elements 0.53349
published_at 2026-04-04T12:55:00Z
6
value 0.003
scoring_system epss
scoring_elements 0.53319
published_at 2026-04-07T12:55:00Z
7
value 0.003
scoring_system epss
scoring_elements 0.53371
published_at 2026-04-08T12:55:00Z
8
value 0.003
scoring_system epss
scoring_elements 0.53366
published_at 2026-04-09T12:55:00Z
9
value 0.003
scoring_system epss
scoring_elements 0.53417
published_at 2026-04-11T12:55:00Z
10
value 0.003
scoring_system epss
scoring_elements 0.53401
published_at 2026-04-12T12:55:00Z
11
value 0.003
scoring_system epss
scoring_elements 0.53385
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-23959
1
reference_url https://security.archlinux.org/AVG-1493
reference_id AVG-1493
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1493
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-03
reference_id mfsa2021-03
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-03
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2021-23959
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jf6r-vdhm-tyfr
144
url VCID-jjqk-qjcz-sudp
vulnerability_id VCID-jjqk-qjcz-sudp
summary A use-after-free can occur during buffer storage operations within the ANGLE graphics library, used for WebGL content. The buffer storage can be freed while still in use in some circumstances, leading to a potentially exploitable crash. *Note: This issue is in libGLES, which is only in use on Windows. Other operating systems are not affected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-5411
reference_id
reference_type
scores
0
value 0.00736
scoring_system epss
scoring_elements 0.7285
published_at 2026-04-21T12:55:00Z
1
value 0.00736
scoring_system epss
scoring_elements 0.72832
published_at 2026-04-11T12:55:00Z
2
value 0.00736
scoring_system epss
scoring_elements 0.72815
published_at 2026-04-12T12:55:00Z
3
value 0.00736
scoring_system epss
scoring_elements 0.72806
published_at 2026-04-13T12:55:00Z
4
value 0.00736
scoring_system epss
scoring_elements 0.72848
published_at 2026-04-16T12:55:00Z
5
value 0.00736
scoring_system epss
scoring_elements 0.72858
published_at 2026-04-18T12:55:00Z
6
value 0.00736
scoring_system epss
scoring_elements 0.72752
published_at 2026-04-01T12:55:00Z
7
value 0.00736
scoring_system epss
scoring_elements 0.72759
published_at 2026-04-02T12:55:00Z
8
value 0.00736
scoring_system epss
scoring_elements 0.72779
published_at 2026-04-04T12:55:00Z
9
value 0.00736
scoring_system epss
scoring_elements 0.72755
published_at 2026-04-07T12:55:00Z
10
value 0.00736
scoring_system epss
scoring_elements 0.72794
published_at 2026-04-08T12:55:00Z
11
value 0.00736
scoring_system epss
scoring_elements 0.72807
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-5411
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1325511
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1325511
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://www.mozilla.org/security/advisories/mfsa2017-05/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-05/
4
reference_url https://www.mozilla.org/security/advisories/mfsa2017-09/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-09/
5
reference_url http://www.securityfocus.com/bid/96692
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/96692
6
reference_url http://www.securitytracker.com/id/1037966
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037966
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-5411
reference_id CVE-2017-5411
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2017-5411
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-05
reference_id mfsa2017-05
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-05
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-09
reference_id mfsa2017-09
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-09
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2017-5411
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jjqk-qjcz-sudp
145
url VCID-jxq3-3gzd-yycp
vulnerability_id VCID-jxq3-3gzd-yycp
summary 
Multiple vulnerabilities have been found in Mozilla Firefox and
    Thunderbird the worst of which could lead to the execution of arbitrary
    code.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5294
reference_id
reference_type
scores
0
value 0.00071
scoring_system epss
scoring_elements 0.21786
published_at 2026-04-21T12:55:00Z
1
value 0.00071
scoring_system epss
scoring_elements 0.21911
published_at 2026-04-11T12:55:00Z
2
value 0.00071
scoring_system epss
scoring_elements 0.2187
published_at 2026-04-12T12:55:00Z
3
value 0.00071
scoring_system epss
scoring_elements 0.21813
published_at 2026-04-13T12:55:00Z
4
value 0.00071
scoring_system epss
scoring_elements 0.21816
published_at 2026-04-16T12:55:00Z
5
value 0.00071
scoring_system epss
scoring_elements 0.21822
published_at 2026-04-18T12:55:00Z
6
value 0.00071
scoring_system epss
scoring_elements 0.21782
published_at 2026-04-01T12:55:00Z
7
value 0.00071
scoring_system epss
scoring_elements 0.21947
published_at 2026-04-02T12:55:00Z
8
value 0.00071
scoring_system epss
scoring_elements 0.22001
published_at 2026-04-04T12:55:00Z
9
value 0.00071
scoring_system epss
scoring_elements 0.21766
published_at 2026-04-07T12:55:00Z
10
value 0.00071
scoring_system epss
scoring_elements 0.21843
published_at 2026-04-08T12:55:00Z
11
value 0.00071
scoring_system epss
scoring_elements 0.21899
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5294
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1246972
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1246972
2
reference_url https://www.mozilla.org/security/advisories/mfsa2016-89/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-89/
3
reference_url https://www.mozilla.org/security/advisories/mfsa2016-90/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-90/
4
reference_url https://www.mozilla.org/security/advisories/mfsa2016-93/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-93/
5
reference_url http://www.securityfocus.com/bid/94336
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94336
6
reference_url http://www.securitytracker.com/id/1037298
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037298
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-5294
reference_id CVE-2016-5294
reference_type
scores
0
value 2.1
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:N/I:P/A:N
1
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2016-5294
11
reference_url https://security.gentoo.org/glsa/201701-15
reference_id GLSA-201701-15
reference_type
scores
url https://security.gentoo.org/glsa/201701-15
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-89
reference_id mfsa2016-89
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-89
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-90
reference_id mfsa2016-90
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-90
14
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-93
reference_id mfsa2016-93
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-93
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2016-5294
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jxq3-3gzd-yycp
146
url VCID-jxwt-d17p-1fgk
vulnerability_id VCID-jxwt-d17p-1fgk
summary When visiting a website with an overly long URL, the user interface would start to hang. Due to session restore, this could lead to a permanent Denial of Service.*This bug only affects Firefox for Android. Other operating systems are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-36317
reference_id
reference_type
scores
0
value 0.00268
scoring_system epss
scoring_elements 0.5029
published_at 2026-04-21T12:55:00Z
1
value 0.00268
scoring_system epss
scoring_elements 0.50257
published_at 2026-04-02T12:55:00Z
2
value 0.00268
scoring_system epss
scoring_elements 0.50309
published_at 2026-04-11T12:55:00Z
3
value 0.00268
scoring_system epss
scoring_elements 0.50283
published_at 2026-04-12T12:55:00Z
4
value 0.00268
scoring_system epss
scoring_elements 0.50271
published_at 2026-04-13T12:55:00Z
5
value 0.00268
scoring_system epss
scoring_elements 0.50315
published_at 2026-04-16T12:55:00Z
6
value 0.00268
scoring_system epss
scoring_elements 0.50316
published_at 2026-04-18T12:55:00Z
7
value 0.00268
scoring_system epss
scoring_elements 0.50287
published_at 2026-04-04T12:55:00Z
8
value 0.00268
scoring_system epss
scoring_elements 0.50236
published_at 2026-04-07T12:55:00Z
9
value 0.00268
scoring_system epss
scoring_elements 0.50289
published_at 2026-04-08T12:55:00Z
10
value 0.00268
scoring_system epss
scoring_elements 0.50282
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-36317
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-28
reference_id mfsa2022-28
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-28
2
reference_url https://www.mozilla.org/security/advisories/mfsa2022-28/
reference_id mfsa2022-28
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T17:09:04Z/
url https://www.mozilla.org/security/advisories/mfsa2022-28/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1759951
reference_id show_bug.cgi?id=1759951
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T17:09:04Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1759951
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2022-36317
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jxwt-d17p-1fgk
147
url VCID-jz16-4ywn-u7h3
vulnerability_id VCID-jz16-4ywn-u7h3
summary Long pressing on a download link could potentially allow Javascript commands to be executed within the browser
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-43111
reference_id
reference_type
scores
0
value 0.00876
scoring_system epss
scoring_elements 0.75327
published_at 2026-04-21T12:55:00Z
1
value 0.00876
scoring_system epss
scoring_elements 0.75323
published_at 2026-04-11T12:55:00Z
2
value 0.00876
scoring_system epss
scoring_elements 0.75301
published_at 2026-04-12T12:55:00Z
3
value 0.00876
scoring_system epss
scoring_elements 0.7529
published_at 2026-04-13T12:55:00Z
4
value 0.00876
scoring_system epss
scoring_elements 0.75329
published_at 2026-04-16T12:55:00Z
5
value 0.00876
scoring_system epss
scoring_elements 0.75336
published_at 2026-04-18T12:55:00Z
6
value 0.00876
scoring_system epss
scoring_elements 0.7524
published_at 2026-04-02T12:55:00Z
7
value 0.00876
scoring_system epss
scoring_elements 0.75272
published_at 2026-04-04T12:55:00Z
8
value 0.00876
scoring_system epss
scoring_elements 0.75249
published_at 2026-04-07T12:55:00Z
9
value 0.00876
scoring_system epss
scoring_elements 0.75291
published_at 2026-04-08T12:55:00Z
10
value 0.00876
scoring_system epss
scoring_elements 0.75302
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-43111
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-36
reference_id mfsa2024-36
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-36
2
reference_url https://www.mozilla.org/security/advisories/mfsa2024-36/
reference_id mfsa2024-36
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-07T13:59:25Z/
url https://www.mozilla.org/security/advisories/mfsa2024-36/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1874907
reference_id show_bug.cgi?id=1874907
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-07T13:59:25Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1874907
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2024-43111
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jz16-4ywn-u7h3
148
url VCID-k813-qahc-ubf4
vulnerability_id VCID-k813-qahc-ubf4
summary 
Security researcher Aral reported an out-of-bounds write when using
the ANGLE graphics library, which is used for WebGL content on Windows systems. This crash
occurs due to improper size checking while writing to an array during some WebGL shader
operations.
The ANGLE graphics library is only used on Windows. Linux, OS X, and
Android operating systems are not affected by this vulnerability.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00055.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00055.html
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2824
reference_id
reference_type
scores
0
value 0.00696
scoring_system epss
scoring_elements 0.71942
published_at 2026-04-21T12:55:00Z
1
value 0.00696
scoring_system epss
scoring_elements 0.71874
published_at 2026-04-01T12:55:00Z
2
value 0.00696
scoring_system epss
scoring_elements 0.71945
published_at 2026-04-11T12:55:00Z
3
value 0.00696
scoring_system epss
scoring_elements 0.71928
published_at 2026-04-12T12:55:00Z
4
value 0.00696
scoring_system epss
scoring_elements 0.71953
published_at 2026-04-16T12:55:00Z
5
value 0.00696
scoring_system epss
scoring_elements 0.71957
published_at 2026-04-18T12:55:00Z
6
value 0.00696
scoring_system epss
scoring_elements 0.71881
published_at 2026-04-02T12:55:00Z
7
value 0.00696
scoring_system epss
scoring_elements 0.719
published_at 2026-04-04T12:55:00Z
8
value 0.00696
scoring_system epss
scoring_elements 0.71872
published_at 2026-04-07T12:55:00Z
9
value 0.00696
scoring_system epss
scoring_elements 0.71911
published_at 2026-04-13T12:55:00Z
10
value 0.00696
scoring_system epss
scoring_elements 0.71922
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2824
4
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1248580
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1248580
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url http://www.mozilla.org/security/announce/2016/mfsa2016-53.html
reference_id
reference_type
scores
url http://www.mozilla.org/security/announce/2016/mfsa2016-53.html
7
reference_url http://www.securityfocus.com/bid/91075
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/91075
8
reference_url http://www.securitytracker.com/id/1036057
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1036057
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
reference_id cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2824
reference_id CVE-2016-2824
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2824
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-2824
reference_id CVE-2016-2824
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
1
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-2824
18
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-53
reference_id mfsa2016-53
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-53
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2016-2824
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k813-qahc-ubf4
149
url VCID-keec-2paa-qqe6
vulnerability_id VCID-keec-2paa-qqe6
summary The location bar in Firefox for Android can be spoofed by forcing a user into fullscreen mode, blocking its exiting, and creating of a fake location bar without any user notification. *Note: This issue only affects Firefox for Android. Other versions and operating systems are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9065
reference_id
reference_type
scores
0
value 0.0077
scoring_system epss
scoring_elements 0.73559
published_at 2026-04-21T12:55:00Z
1
value 0.0077
scoring_system epss
scoring_elements 0.73462
published_at 2026-04-01T12:55:00Z
2
value 0.0077
scoring_system epss
scoring_elements 0.73512
published_at 2026-04-13T12:55:00Z
3
value 0.0077
scoring_system epss
scoring_elements 0.73555
published_at 2026-04-16T12:55:00Z
4
value 0.0077
scoring_system epss
scoring_elements 0.73565
published_at 2026-04-18T12:55:00Z
5
value 0.0077
scoring_system epss
scoring_elements 0.73471
published_at 2026-04-02T12:55:00Z
6
value 0.0077
scoring_system epss
scoring_elements 0.73493
published_at 2026-04-04T12:55:00Z
7
value 0.0077
scoring_system epss
scoring_elements 0.73465
published_at 2026-04-07T12:55:00Z
8
value 0.0077
scoring_system epss
scoring_elements 0.73501
published_at 2026-04-08T12:55:00Z
9
value 0.0077
scoring_system epss
scoring_elements 0.73515
published_at 2026-04-09T12:55:00Z
10
value 0.0077
scoring_system epss
scoring_elements 0.73538
published_at 2026-04-11T12:55:00Z
11
value 0.0077
scoring_system epss
scoring_elements 0.73519
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9065
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1306696
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1306696
2
reference_url https://www.mozilla.org/security/advisories/mfsa2016-89/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-89/
3
reference_url http://www.securityfocus.com/bid/94342
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94342
4
reference_url http://www.securitytracker.com/id/1037298
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037298
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9065
reference_id CVE-2016-9065
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2016-9065
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-89
reference_id mfsa2016-89
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-89
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2016-9065
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-keec-2paa-qqe6
150
url VCID-khm6-vuzx-zfeg
vulnerability_id VCID-khm6-vuzx-zfeg
summary A potential use-after-free in libaudio was fixed by disabling the AAudio backend when running on Android API below version 30.*This bug only affects Firefox for Android. Other versions of Firefox are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-25747
reference_id
reference_type
scores
0
value 0.00231
scoring_system epss
scoring_elements 0.45929
published_at 2026-04-08T12:55:00Z
1
value 0.00231
scoring_system epss
scoring_elements 0.45903
published_at 2026-04-02T12:55:00Z
2
value 0.00231
scoring_system epss
scoring_elements 0.45927
published_at 2026-04-13T12:55:00Z
3
value 0.00231
scoring_system epss
scoring_elements 0.45919
published_at 2026-04-12T12:55:00Z
4
value 0.00231
scoring_system epss
scoring_elements 0.45949
published_at 2026-04-11T12:55:00Z
5
value 0.00231
scoring_system epss
scoring_elements 0.45926
published_at 2026-04-09T12:55:00Z
6
value 0.00231
scoring_system epss
scoring_elements 0.45924
published_at 2026-04-04T12:55:00Z
7
value 0.00231
scoring_system epss
scoring_elements 0.45873
published_at 2026-04-07T12:55:00Z
8
value 0.00246
scoring_system epss
scoring_elements 0.47935
published_at 2026-04-21T12:55:00Z
9
value 0.00246
scoring_system epss
scoring_elements 0.47985
published_at 2026-04-16T12:55:00Z
10
value 0.00246
scoring_system epss
scoring_elements 0.4798
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-25747
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-08
reference_id mfsa2023-08
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-08
2
reference_url https://www.mozilla.org/security/advisories/mfsa2023-08/
reference_id mfsa2023-08
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-11T16:00:40Z/
url https://www.mozilla.org/security/advisories/mfsa2023-08/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1815801
reference_id show_bug.cgi?id=1815801
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-11T16:00:40Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1815801
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2023-25747
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-khm6-vuzx-zfeg
151
url VCID-kr94-y6hg-d3hp
vulnerability_id VCID-kr94-y6hg-d3hp
summary 
Multiple vulnerabilities have been found in Mozilla Firefox, the
    worst of which may allow execution of arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6799.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6799.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-6799
reference_id
reference_type
scores
0
value 0.00474
scoring_system epss
scoring_elements 0.64787
published_at 2026-04-21T12:55:00Z
1
value 0.00474
scoring_system epss
scoring_elements 0.64751
published_at 2026-04-13T12:55:00Z
2
value 0.00474
scoring_system epss
scoring_elements 0.64789
published_at 2026-04-16T12:55:00Z
3
value 0.00474
scoring_system epss
scoring_elements 0.64799
published_at 2026-04-18T12:55:00Z
4
value 0.00474
scoring_system epss
scoring_elements 0.64672
published_at 2026-04-01T12:55:00Z
5
value 0.00474
scoring_system epss
scoring_elements 0.64724
published_at 2026-04-02T12:55:00Z
6
value 0.00474
scoring_system epss
scoring_elements 0.64752
published_at 2026-04-04T12:55:00Z
7
value 0.00474
scoring_system epss
scoring_elements 0.6471
published_at 2026-04-07T12:55:00Z
8
value 0.00474
scoring_system epss
scoring_elements 0.64758
published_at 2026-04-08T12:55:00Z
9
value 0.00474
scoring_system epss
scoring_elements 0.64773
published_at 2026-04-09T12:55:00Z
10
value 0.00474
scoring_system epss
scoring_elements 0.6479
published_at 2026-04-11T12:55:00Z
11
value 0.00474
scoring_system epss
scoring_elements 0.64778
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-6799
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1801919
reference_id 1801919
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1801919
4
reference_url https://security.gentoo.org/glsa/202003-02
reference_id GLSA-202003-02
reference_type
scores
url https://security.gentoo.org/glsa/202003-02
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-05
reference_id mfsa2020-05
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-05
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-06
reference_id mfsa2020-06
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-06
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2020-6799
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kr94-y6hg-d3hp
152
url VCID-krg2-d4vy-z7fu
vulnerability_id VCID-krg2-d4vy-z7fu
summary During the initialization of a new content process, a pointer offset can be manipulated leading to memory corruption and a potentially exploitable crash in the parent process. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17015.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17015.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-17015
reference_id
reference_type
scores
0
value 0.00932
scoring_system epss
scoring_elements 0.76148
published_at 2026-04-21T12:55:00Z
1
value 0.00932
scoring_system epss
scoring_elements 0.7612
published_at 2026-04-13T12:55:00Z
2
value 0.00932
scoring_system epss
scoring_elements 0.76161
published_at 2026-04-16T12:55:00Z
3
value 0.00932
scoring_system epss
scoring_elements 0.76165
published_at 2026-04-18T12:55:00Z
4
value 0.00932
scoring_system epss
scoring_elements 0.76061
published_at 2026-04-01T12:55:00Z
5
value 0.00932
scoring_system epss
scoring_elements 0.76064
published_at 2026-04-02T12:55:00Z
6
value 0.00932
scoring_system epss
scoring_elements 0.76096
published_at 2026-04-04T12:55:00Z
7
value 0.00932
scoring_system epss
scoring_elements 0.76075
published_at 2026-04-07T12:55:00Z
8
value 0.00932
scoring_system epss
scoring_elements 0.76109
published_at 2026-04-08T12:55:00Z
9
value 0.00932
scoring_system epss
scoring_elements 0.76122
published_at 2026-04-09T12:55:00Z
10
value 0.00932
scoring_system epss
scoring_elements 0.76147
published_at 2026-04-11T12:55:00Z
11
value 0.00932
scoring_system epss
scoring_elements 0.76123
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-17015
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1788722
reference_id 1788722
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1788722
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-01
reference_id mfsa2020-01
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-01
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-02
reference_id mfsa2020-02
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-02
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-04
reference_id mfsa2020-04
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-04
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2019-17015
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-krg2-d4vy-z7fu
153
url VCID-m4hs-41n2-8bbz
vulnerability_id VCID-m4hs-41n2-8bbz
summary Malicious pages could use Firefox for Android to pass FIDO: links to the OS and trigger the "hybrid" passkey transport. An attacker within Bluetooth range could have used this to trick the user into using their passkey to log the attacker's computer into the target account.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-9956
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.05626
published_at 2026-04-21T12:55:00Z
1
value 0.0002
scoring_system epss
scoring_elements 0.0555
published_at 2026-04-09T12:55:00Z
2
value 0.0002
scoring_system epss
scoring_elements 0.05524
published_at 2026-04-11T12:55:00Z
3
value 0.0002
scoring_system epss
scoring_elements 0.05511
published_at 2026-04-12T12:55:00Z
4
value 0.0002
scoring_system epss
scoring_elements 0.05504
published_at 2026-04-13T12:55:00Z
5
value 0.0002
scoring_system epss
scoring_elements 0.05463
published_at 2026-04-18T12:55:00Z
6
value 0.0002
scoring_system epss
scoring_elements 0.05455
published_at 2026-04-16T12:55:00Z
7
value 0.0002
scoring_system epss
scoring_elements 0.05489
published_at 2026-04-04T12:55:00Z
8
value 0.0002
scoring_system epss
scoring_elements 0.05492
published_at 2026-04-07T12:55:00Z
9
value 0.0002
scoring_system epss
scoring_elements 0.05528
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-9956
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9956
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9956
2
reference_url https://issues.chromium.org/issues/370482421
reference_id 370482421
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-16T20:01:37Z/
url https://issues.chromium.org/issues/370482421
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-14
reference_id mfsa2025-14
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-14
4
reference_url https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_15.html
reference_id stable-channel-update-for-desktop_15.html
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-16T20:01:37Z/
url https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_15.html
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2024-9956
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m4hs-41n2-8bbz
154
url VCID-m92a-91pv-dffv
vulnerability_id VCID-m92a-91pv-dffv
summary If a user downloaded a file lacking an extension on Windows, and then "Open"-ed it from the downloads panel, if there was an executable file in the downloads directory with the same name but with an executable extension (such as .bat or .exe) that executable would have been launched instead.*Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35112.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35112.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-35112
reference_id
reference_type
scores
0
value 0.00532
scoring_system epss
scoring_elements 0.67328
published_at 2026-04-21T12:55:00Z
1
value 0.00532
scoring_system epss
scoring_elements 0.67318
published_at 2026-04-08T12:55:00Z
2
value 0.00532
scoring_system epss
scoring_elements 0.67331
published_at 2026-04-09T12:55:00Z
3
value 0.00532
scoring_system epss
scoring_elements 0.67351
published_at 2026-04-11T12:55:00Z
4
value 0.00532
scoring_system epss
scoring_elements 0.67338
published_at 2026-04-16T12:55:00Z
5
value 0.00532
scoring_system epss
scoring_elements 0.67303
published_at 2026-04-13T12:55:00Z
6
value 0.00532
scoring_system epss
scoring_elements 0.6735
published_at 2026-04-18T12:55:00Z
7
value 0.00532
scoring_system epss
scoring_elements 0.67228
published_at 2026-04-01T12:55:00Z
8
value 0.00532
scoring_system epss
scoring_elements 0.67265
published_at 2026-04-02T12:55:00Z
9
value 0.00532
scoring_system epss
scoring_elements 0.67289
published_at 2026-04-04T12:55:00Z
10
value 0.00532
scoring_system epss
scoring_elements 0.67266
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-35112
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1908028
reference_id 1908028
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1908028
4
reference_url https://security.archlinux.org/AVG-1364
reference_id AVG-1364
reference_type
scores
0
value Low
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1364
5
reference_url https://security.archlinux.org/AVG-1366
reference_id AVG-1366
reference_type
scores
0
value Low
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1366
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-54
reference_id mfsa2020-54
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-54
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-55
reference_id mfsa2020-55
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-55
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-56
reference_id mfsa2020-56
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-56
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2020-35112
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m92a-91pv-dffv
155
url VCID-mj2t-phst-v7f8
vulnerability_id VCID-mj2t-phst-v7f8
summary 
Firefox for Android allowed navigations through the `intent://` protocol, which could be used to cause crashes and UI spoofs.
*This bug only affects Firefox for Android. Other operating systems are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-29993
reference_id
reference_type
scores
0
value 0.00401
scoring_system epss
scoring_elements 0.60772
published_at 2026-04-21T12:55:00Z
1
value 0.00401
scoring_system epss
scoring_elements 0.60615
published_at 2026-04-01T12:55:00Z
2
value 0.00401
scoring_system epss
scoring_elements 0.60783
published_at 2026-04-16T12:55:00Z
3
value 0.00401
scoring_system epss
scoring_elements 0.60788
published_at 2026-04-18T12:55:00Z
4
value 0.00401
scoring_system epss
scoring_elements 0.6069
published_at 2026-04-02T12:55:00Z
5
value 0.00401
scoring_system epss
scoring_elements 0.60719
published_at 2026-04-04T12:55:00Z
6
value 0.00401
scoring_system epss
scoring_elements 0.60685
published_at 2026-04-07T12:55:00Z
7
value 0.00401
scoring_system epss
scoring_elements 0.60733
published_at 2026-04-08T12:55:00Z
8
value 0.00401
scoring_system epss
scoring_elements 0.60749
published_at 2026-04-09T12:55:00Z
9
value 0.00401
scoring_system epss
scoring_elements 0.60773
published_at 2026-04-11T12:55:00Z
10
value 0.00401
scoring_system epss
scoring_elements 0.6076
published_at 2026-04-12T12:55:00Z
11
value 0.00401
scoring_system epss
scoring_elements 0.60741
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-29993
1
reference_url https://security.archlinux.org/AVG-2351
reference_id AVG-2351
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2351
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-38
reference_id mfsa2021-38
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-38
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2021-29993
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mj2t-phst-v7f8
156
url VCID-mp4n-ez8p-63ek
vulnerability_id VCID-mp4n-ez8p-63ek
summary Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28163.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28163.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-28163
reference_id
reference_type
scores
0
value 0.00246
scoring_system epss
scoring_elements 0.47933
published_at 2026-04-21T12:55:00Z
1
value 0.00246
scoring_system epss
scoring_elements 0.47978
published_at 2026-04-18T12:55:00Z
2
value 0.00246
scoring_system epss
scoring_elements 0.47901
published_at 2026-04-02T12:55:00Z
3
value 0.00246
scoring_system epss
scoring_elements 0.47984
published_at 2026-04-16T12:55:00Z
4
value 0.00246
scoring_system epss
scoring_elements 0.47929
published_at 2026-04-13T12:55:00Z
5
value 0.00246
scoring_system epss
scoring_elements 0.4792
published_at 2026-04-12T12:55:00Z
6
value 0.00246
scoring_system epss
scoring_elements 0.47942
published_at 2026-04-11T12:55:00Z
7
value 0.00246
scoring_system epss
scoring_elements 0.47918
published_at 2026-04-09T12:55:00Z
8
value 0.00246
scoring_system epss
scoring_elements 0.47923
published_at 2026-04-08T12:55:00Z
9
value 0.00246
scoring_system epss
scoring_elements 0.47871
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-28163
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2178468
reference_id 2178468
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2178468
3
reference_url https://security.gentoo.org/glsa/202305-35
reference_id GLSA-202305-35
reference_type
scores
url https://security.gentoo.org/glsa/202305-35
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-09
reference_id mfsa2023-09
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-09
5
reference_url https://www.mozilla.org/security/advisories/mfsa2023-09/
reference_id mfsa2023-09
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:17:13Z/
url https://www.mozilla.org/security/advisories/mfsa2023-09/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-10
reference_id mfsa2023-10
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-10
7
reference_url https://www.mozilla.org/security/advisories/mfsa2023-10/
reference_id mfsa2023-10
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:17:13Z/
url https://www.mozilla.org/security/advisories/mfsa2023-10/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-11
reference_id mfsa2023-11
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-11
9
reference_url https://www.mozilla.org/security/advisories/mfsa2023-11/
reference_id mfsa2023-11
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:17:13Z/
url https://www.mozilla.org/security/advisories/mfsa2023-11/
10
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1817768
reference_id show_bug.cgi?id=1817768
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:17:13Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1817768
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2023-28163
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mp4n-ez8p-63ek
157
url VCID-mpx9-1b8x-qkaj
vulnerability_id VCID-mpx9-1b8x-qkaj
summary A mechanism where disruption of the loading of a new web page can cause the previous page's favicon and SSL indicator to not be reset when the new page is loaded. *Note: this issue only affects Firefox for Android. Desktop Firefox is unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5298
reference_id
reference_type
scores
0
value 0.00639
scoring_system epss
scoring_elements 0.70558
published_at 2026-04-21T12:55:00Z
1
value 0.00639
scoring_system epss
scoring_elements 0.70464
published_at 2026-04-01T12:55:00Z
2
value 0.00639
scoring_system epss
scoring_elements 0.70527
published_at 2026-04-13T12:55:00Z
3
value 0.00639
scoring_system epss
scoring_elements 0.70572
published_at 2026-04-16T12:55:00Z
4
value 0.00639
scoring_system epss
scoring_elements 0.7058
published_at 2026-04-18T12:55:00Z
5
value 0.00639
scoring_system epss
scoring_elements 0.70477
published_at 2026-04-02T12:55:00Z
6
value 0.00639
scoring_system epss
scoring_elements 0.70494
published_at 2026-04-04T12:55:00Z
7
value 0.00639
scoring_system epss
scoring_elements 0.70472
published_at 2026-04-07T12:55:00Z
8
value 0.00639
scoring_system epss
scoring_elements 0.70518
published_at 2026-04-08T12:55:00Z
9
value 0.00639
scoring_system epss
scoring_elements 0.70533
published_at 2026-04-09T12:55:00Z
10
value 0.00639
scoring_system epss
scoring_elements 0.70557
published_at 2026-04-11T12:55:00Z
11
value 0.00639
scoring_system epss
scoring_elements 0.70541
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5298
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1227538
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1227538
2
reference_url https://www.mozilla.org/security/advisories/mfsa2016-89/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-89/
3
reference_url http://www.securityfocus.com/bid/94337
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94337
4
reference_url http://www.securitytracker.com/id/1037298
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037298
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-5298
reference_id CVE-2016-5298
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
1
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2016-5298
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-89
reference_id mfsa2016-89
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-89
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2016-5298
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mpx9-1b8x-qkaj
158
url VCID-mqte-f1hw-2ya5
vulnerability_id VCID-mqte-f1hw-2ya5
summary Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22753.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22753.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-22753
reference_id
reference_type
scores
0
value 0.00411
scoring_system epss
scoring_elements 0.61418
published_at 2026-04-21T12:55:00Z
1
value 0.00411
scoring_system epss
scoring_elements 0.61435
published_at 2026-04-18T12:55:00Z
2
value 0.00411
scoring_system epss
scoring_elements 0.61345
published_at 2026-04-02T12:55:00Z
3
value 0.00411
scoring_system epss
scoring_elements 0.61431
published_at 2026-04-16T12:55:00Z
4
value 0.00411
scoring_system epss
scoring_elements 0.61393
published_at 2026-04-13T12:55:00Z
5
value 0.00411
scoring_system epss
scoring_elements 0.61412
published_at 2026-04-12T12:55:00Z
6
value 0.00411
scoring_system epss
scoring_elements 0.61427
published_at 2026-04-11T12:55:00Z
7
value 0.00411
scoring_system epss
scoring_elements 0.61405
published_at 2026-04-09T12:55:00Z
8
value 0.00411
scoring_system epss
scoring_elements 0.6139
published_at 2026-04-08T12:55:00Z
9
value 0.00411
scoring_system epss
scoring_elements 0.61374
published_at 2026-04-04T12:55:00Z
10
value 0.00411
scoring_system epss
scoring_elements 0.61343
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-22753
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2053241
reference_id 2053241
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2053241
3
reference_url https://security.gentoo.org/glsa/202202-03
reference_id GLSA-202202-03
reference_type
scores
url https://security.gentoo.org/glsa/202202-03
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-04
reference_id mfsa2022-04
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-04
5
reference_url https://www.mozilla.org/security/advisories/mfsa2022-04/
reference_id mfsa2022-04
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:47:11Z/
url https://www.mozilla.org/security/advisories/mfsa2022-04/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-05
reference_id mfsa2022-05
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-05
7
reference_url https://www.mozilla.org/security/advisories/mfsa2022-05/
reference_id mfsa2022-05
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:47:11Z/
url https://www.mozilla.org/security/advisories/mfsa2022-05/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-06
reference_id mfsa2022-06
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-06
9
reference_url https://www.mozilla.org/security/advisories/mfsa2022-06/
reference_id mfsa2022-06
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:47:11Z/
url https://www.mozilla.org/security/advisories/mfsa2022-06/
10
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1732435
reference_id show_bug.cgi?id=1732435
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:47:11Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1732435
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2022-22753
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mqte-f1hw-2ya5
159
url VCID-mqyc-vuqn-tfdg
vulnerability_id VCID-mqyc-vuqn-tfdg
summary Scanning certain QR codes that included text with a website URL could allow the URL to be opened without presenting the user with a confirmation alert first
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-27425
reference_id
reference_type
scores
0
value 0.00092
scoring_system epss
scoring_elements 0.25945
published_at 2026-04-11T12:55:00Z
1
value 0.00092
scoring_system epss
scoring_elements 0.26001
published_at 2026-04-02T12:55:00Z
2
value 0.00092
scoring_system epss
scoring_elements 0.26043
published_at 2026-04-04T12:55:00Z
3
value 0.00092
scoring_system epss
scoring_elements 0.25814
published_at 2026-04-07T12:55:00Z
4
value 0.00092
scoring_system epss
scoring_elements 0.25935
published_at 2026-04-09T12:55:00Z
5
value 0.00092
scoring_system epss
scoring_elements 0.25883
published_at 2026-04-08T12:55:00Z
6
value 0.00308
scoring_system epss
scoring_elements 0.54055
published_at 2026-04-18T12:55:00Z
7
value 0.00317
scoring_system epss
scoring_elements 0.54763
published_at 2026-04-21T12:55:00Z
8
value 0.00388
scoring_system epss
scoring_elements 0.59925
published_at 2026-04-12T12:55:00Z
9
value 0.00403
scoring_system epss
scoring_elements 0.60885
published_at 2026-04-16T12:55:00Z
10
value 0.00451
scoring_system epss
scoring_elements 0.6369
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-27425
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-13
reference_id mfsa2025-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-13
2
reference_url https://www.mozilla.org/security/advisories/mfsa2025-13/
reference_id mfsa2025-13
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:24:39Z/
url https://www.mozilla.org/security/advisories/mfsa2025-13/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1941525
reference_id show_bug.cgi?id=1941525
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T15:24:39Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1941525
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2025-27425
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mqyc-vuqn-tfdg
160
url VCID-mtkx-1vvb-3yhp
vulnerability_id VCID-mtkx-1vvb-3yhp
summary In the Angle graphics library, depth pitch computations did not take into account the block size and simply multiplied the row pitch with the pixel height. This caused the load functions to use a very high depth pitch, reading past the end of the user-supplied buffer.*Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-16048.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-16048.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-16048
reference_id
reference_type
scores
0
value 0.00195
scoring_system epss
scoring_elements 0.41395
published_at 2026-04-01T12:55:00Z
1
value 0.00195
scoring_system epss
scoring_elements 0.41486
published_at 2026-04-12T12:55:00Z
2
value 0.00195
scoring_system epss
scoring_elements 0.41513
published_at 2026-04-04T12:55:00Z
3
value 0.00195
scoring_system epss
scoring_elements 0.4144
published_at 2026-04-07T12:55:00Z
4
value 0.00195
scoring_system epss
scoring_elements 0.4149
published_at 2026-04-08T12:55:00Z
5
value 0.00195
scoring_system epss
scoring_elements 0.41498
published_at 2026-04-09T12:55:00Z
6
value 0.00195
scoring_system epss
scoring_elements 0.41518
published_at 2026-04-11T12:55:00Z
7
value 0.00195
scoring_system epss
scoring_elements 0.41472
published_at 2026-04-13T12:55:00Z
8
value 0.00195
scoring_system epss
scoring_elements 0.41517
published_at 2026-04-16T12:55:00Z
9
value 0.00195
scoring_system epss
scoring_elements 0.41489
published_at 2026-04-18T12:55:00Z
10
value 0.00195
scoring_system epss
scoring_elements 0.41416
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-16048
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1926979
reference_id 1926979
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1926979
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-06
reference_id mfsa2021-06
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-06
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2020-16048
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mtkx-1vvb-3yhp
161
url VCID-mvg3-6cbk-xyb6
vulnerability_id VCID-mvg3-6cbk-xyb6
summary Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25740.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25740.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-25740
reference_id
reference_type
scores
0
value 0.00247
scoring_system epss
scoring_elements 0.47943
published_at 2026-04-02T12:55:00Z
1
value 0.00247
scoring_system epss
scoring_elements 0.47976
published_at 2026-04-21T12:55:00Z
2
value 0.00247
scoring_system epss
scoring_elements 0.47984
published_at 2026-04-11T12:55:00Z
3
value 0.00247
scoring_system epss
scoring_elements 0.47961
published_at 2026-04-12T12:55:00Z
4
value 0.00247
scoring_system epss
scoring_elements 0.47972
published_at 2026-04-13T12:55:00Z
5
value 0.00247
scoring_system epss
scoring_elements 0.48025
published_at 2026-04-16T12:55:00Z
6
value 0.00247
scoring_system epss
scoring_elements 0.4802
published_at 2026-04-18T12:55:00Z
7
value 0.00247
scoring_system epss
scoring_elements 0.47964
published_at 2026-04-04T12:55:00Z
8
value 0.00247
scoring_system epss
scoring_elements 0.47913
published_at 2026-04-07T12:55:00Z
9
value 0.00247
scoring_system epss
scoring_elements 0.47965
published_at 2026-04-08T12:55:00Z
10
value 0.00247
scoring_system epss
scoring_elements 0.4796
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-25740
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2170385
reference_id 2170385
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2170385
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-05
reference_id mfsa2023-05
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-05
4
reference_url https://www.mozilla.org/security/advisories/mfsa2023-05/
reference_id mfsa2023-05
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:02:01Z/
url https://www.mozilla.org/security/advisories/mfsa2023-05/
5
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1812354
reference_id show_bug.cgi?id=1812354
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:02:01Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1812354
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2023-25740
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mvg3-6cbk-xyb6
162
url VCID-mwrr-ashj-bfg3
vulnerability_id VCID-mwrr-ashj-bfg3
summary 
Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7825.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7825.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7825
reference_id
reference_type
scores
0
value 0.0171
scoring_system epss
scoring_elements 0.82371
published_at 2026-04-21T12:55:00Z
1
value 0.0171
scoring_system epss
scoring_elements 0.82318
published_at 2026-04-08T12:55:00Z
2
value 0.0171
scoring_system epss
scoring_elements 0.82325
published_at 2026-04-09T12:55:00Z
3
value 0.0171
scoring_system epss
scoring_elements 0.82345
published_at 2026-04-11T12:55:00Z
4
value 0.0171
scoring_system epss
scoring_elements 0.82339
published_at 2026-04-12T12:55:00Z
5
value 0.0171
scoring_system epss
scoring_elements 0.82333
published_at 2026-04-13T12:55:00Z
6
value 0.0171
scoring_system epss
scoring_elements 0.82367
published_at 2026-04-16T12:55:00Z
7
value 0.0171
scoring_system epss
scoring_elements 0.82368
published_at 2026-04-18T12:55:00Z
8
value 0.0171
scoring_system epss
scoring_elements 0.82264
published_at 2026-04-01T12:55:00Z
9
value 0.0171
scoring_system epss
scoring_elements 0.82277
published_at 2026-04-02T12:55:00Z
10
value 0.0171
scoring_system epss
scoring_elements 0.82296
published_at 2026-04-04T12:55:00Z
11
value 0.0171
scoring_system epss
scoring_elements 0.82291
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7825
2
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1390980
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1390980
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1393624
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1393624
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:N
1
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://lists.debian.org/debian-lts-announce/2017/11/msg00000.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2017/11/msg00000.html
6
reference_url https://www.mozilla.org/security/advisories/mfsa2017-21/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-21/
7
reference_url https://www.mozilla.org/security/advisories/mfsa2017-22/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-22/
8
reference_url https://www.mozilla.org/security/advisories/mfsa2017-23/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-23/
9
reference_url http://www.securityfocus.com/bid/101059
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/101059
10
reference_url http://www.securitytracker.com/id/1039465
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1039465
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1496657
reference_id 1496657
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1496657
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
reference_id cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-7825
reference_id CVE-2017-7825
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2017-7825
17
reference_url https://security.gentoo.org/glsa/201803-14
reference_id GLSA-201803-14
reference_type
scores
url https://security.gentoo.org/glsa/201803-14
18
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-21
reference_id mfsa2017-21
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-21
19
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-22
reference_id mfsa2017-22
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-22
20
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-23
reference_id mfsa2017-23
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-23
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2017-7825
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mwrr-ashj-bfg3
163
url VCID-myaj-sqb7-27dq
vulnerability_id VCID-myaj-sqb7-27dq
summary For native-to-JS bridging, the app requires a unique token to be passed that ensures non-app code can't call the bridging functions. That token was being used for JS-to-native also, but it isn't needed in this case, and its usage was also leaking this token.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-6830
reference_id
reference_type
scores
0
value 0.00322
scoring_system epss
scoring_elements 0.55347
published_at 2026-04-21T12:55:00Z
1
value 0.00322
scoring_system epss
scoring_elements 0.55201
published_at 2026-04-01T12:55:00Z
2
value 0.00322
scoring_system epss
scoring_elements 0.553
published_at 2026-04-02T12:55:00Z
3
value 0.00322
scoring_system epss
scoring_elements 0.55324
published_at 2026-04-04T12:55:00Z
4
value 0.00322
scoring_system epss
scoring_elements 0.55306
published_at 2026-04-07T12:55:00Z
5
value 0.00322
scoring_system epss
scoring_elements 0.55356
published_at 2026-04-08T12:55:00Z
6
value 0.00322
scoring_system epss
scoring_elements 0.55357
published_at 2026-04-09T12:55:00Z
7
value 0.00322
scoring_system epss
scoring_elements 0.55368
published_at 2026-04-18T12:55:00Z
8
value 0.00322
scoring_system epss
scoring_elements 0.55346
published_at 2026-04-12T12:55:00Z
9
value 0.00322
scoring_system epss
scoring_elements 0.55327
published_at 2026-04-13T12:55:00Z
10
value 0.00322
scoring_system epss
scoring_elements 0.55364
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-6830
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-15
reference_id mfsa2020-15
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-15
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2020-6830
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-myaj-sqb7-27dq
164
url VCID-myv9-89b8-w7dm
vulnerability_id VCID-myv9-89b8-w7dm
summary In the Windows 10 April 2018 Update, Windows Defender SmartScreen honors the SEE_MASK_FLAG_NO_UI flag associated with downloaded files and will not show any UI. Files that are unknown and potentially dangerous will be allowed to run because SmartScreen will not prompt the user for a decision, and if the user is offline all files will be allowed to be opened because Windows won’t prompt the user to ask what to do. Firefox incorrectly sets this flag when downloading files, leading to less secure behavior from SmartScreen. *Note: this issue only affects Windows 10 users running the April 2018 update or later. It does not affect other Windows users or other operating systems.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5174.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5174.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-5174
reference_id
reference_type
scores
0
value 0.0054
scoring_system epss
scoring_elements 0.67633
published_at 2026-04-21T12:55:00Z
1
value 0.0054
scoring_system epss
scoring_elements 0.67632
published_at 2026-04-09T12:55:00Z
2
value 0.0054
scoring_system epss
scoring_elements 0.67654
published_at 2026-04-18T12:55:00Z
3
value 0.0054
scoring_system epss
scoring_elements 0.6764
published_at 2026-04-12T12:55:00Z
4
value 0.0054
scoring_system epss
scoring_elements 0.67608
published_at 2026-04-13T12:55:00Z
5
value 0.0054
scoring_system epss
scoring_elements 0.67642
published_at 2026-04-16T12:55:00Z
6
value 0.0054
scoring_system epss
scoring_elements 0.67531
published_at 2026-04-01T12:55:00Z
7
value 0.0054
scoring_system epss
scoring_elements 0.67567
published_at 2026-04-07T12:55:00Z
8
value 0.0054
scoring_system epss
scoring_elements 0.67589
published_at 2026-04-04T12:55:00Z
9
value 0.0054
scoring_system epss
scoring_elements 0.67618
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-5174
2
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1447080
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1447080
3
reference_url https://www.mozilla.org/security/advisories/mfsa2018-11/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2018-11/
4
reference_url https://www.mozilla.org/security/advisories/mfsa2018-12/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2018-12/
5
reference_url https://www.mozilla.org/security/advisories/mfsa2018-13/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2018-13/
6
reference_url http://www.securityfocus.com/bid/104136
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/104136
7
reference_url http://www.securitytracker.com/id/1040896
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1040896
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1576274
reference_id 1576274
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1576274
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-5174
reference_id CVE-2018-5174
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2018-5174
14
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2018-11
reference_id mfsa2018-11
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2018-11
15
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2018-12
reference_id mfsa2018-12
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2018-12
16
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2018-13
reference_id mfsa2018-13
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2018-13
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2018-5174
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-myv9-89b8-w7dm
165
url VCID-n4g2-4hj3-vkb9
vulnerability_id VCID-n4g2-4hj3-vkb9
summary Malicious scripts could cause desynchronization between the address bar and web content before a response is received in Firefox iOS, allowing attacker-controlled pages to be presented under spoofed domains.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2634
reference_id
reference_type
scores
0
value 0.00063
scoring_system epss
scoring_elements 0.1941
published_at 2026-04-21T12:55:00Z
1
value 0.00063
scoring_system epss
scoring_elements 0.19629
published_at 2026-04-02T12:55:00Z
2
value 0.00063
scoring_system epss
scoring_elements 0.19531
published_at 2026-04-11T12:55:00Z
3
value 0.00063
scoring_system epss
scoring_elements 0.19485
published_at 2026-04-12T12:55:00Z
4
value 0.00063
scoring_system epss
scoring_elements 0.19427
published_at 2026-04-13T12:55:00Z
5
value 0.00063
scoring_system epss
scoring_elements 0.19387
published_at 2026-04-16T12:55:00Z
6
value 0.00063
scoring_system epss
scoring_elements 0.19396
published_at 2026-04-18T12:55:00Z
7
value 0.00063
scoring_system epss
scoring_elements 0.19677
published_at 2026-04-04T12:55:00Z
8
value 0.00063
scoring_system epss
scoring_elements 0.19398
published_at 2026-04-07T12:55:00Z
9
value 0.00063
scoring_system epss
scoring_elements 0.19477
published_at 2026-04-08T12:55:00Z
10
value 0.00063
scoring_system epss
scoring_elements 0.19528
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2634
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-12
reference_id mfsa2026-12
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-12
2
reference_url https://www.mozilla.org/security/advisories/mfsa2026-12/
reference_id mfsa2026-12
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-27T20:55:08Z/
url https://www.mozilla.org/security/advisories/mfsa2026-12/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1975529
reference_id show_bug.cgi?id=1975529
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-27T20:55:08Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1975529
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2026-2634
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n4g2-4hj3-vkb9
166
url VCID-n7fp-17uy-eqe7
vulnerability_id VCID-n7fp-17uy-eqe7
summary Spoofing issue in the Address Bar component of Firefox Focus for Android.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-9186
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.07678
published_at 2026-04-21T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07652
published_at 2026-04-09T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.07653
published_at 2026-04-11T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.07639
published_at 2026-04-12T12:55:00Z
4
value 0.00027
scoring_system epss
scoring_elements 0.07625
published_at 2026-04-13T12:55:00Z
5
value 0.00027
scoring_system epss
scoring_elements 0.07551
published_at 2026-04-16T12:55:00Z
6
value 0.00027
scoring_system epss
scoring_elements 0.07539
published_at 2026-04-18T12:55:00Z
7
value 0.00027
scoring_system epss
scoring_elements 0.07558
published_at 2026-04-02T12:55:00Z
8
value 0.00027
scoring_system epss
scoring_elements 0.076
published_at 2026-04-04T12:55:00Z
9
value 0.00027
scoring_system epss
scoring_elements 0.07576
published_at 2026-04-07T12:55:00Z
10
value 0.00027
scoring_system epss
scoring_elements 0.07635
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-9186
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-64
reference_id mfsa2025-64
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-64
3
reference_url https://www.mozilla.org/security/advisories/mfsa2025-64/
reference_id mfsa2025-64
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-20T14:05:05Z/
url https://www.mozilla.org/security/advisories/mfsa2025-64/
4
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1445758
reference_id show_bug.cgi?id=1445758
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-20T14:05:05Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1445758
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2025-9186
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n7fp-17uy-eqe7
167
url VCID-nexj-aaak-u7aq
vulnerability_id VCID-nexj-aaak-u7aq
summary Low descenders on some Tibetan characters in several fonts on OS X are clipped when rendered in the addressbar. When used as part of an Internationalized Domain Name (IDN) this can be used for domain name spoofing attacks. *Note: This attack only affects OS X operating systems. Other operating systems are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-5121
reference_id
reference_type
scores
0
value 0.00981
scoring_system epss
scoring_elements 0.76814
published_at 2026-04-21T12:55:00Z
1
value 0.00981
scoring_system epss
scoring_elements 0.76719
published_at 2026-04-01T12:55:00Z
2
value 0.00981
scoring_system epss
scoring_elements 0.76776
published_at 2026-04-13T12:55:00Z
3
value 0.00981
scoring_system epss
scoring_elements 0.76817
published_at 2026-04-16T12:55:00Z
4
value 0.00981
scoring_system epss
scoring_elements 0.76822
published_at 2026-04-18T12:55:00Z
5
value 0.00981
scoring_system epss
scoring_elements 0.76722
published_at 2026-04-02T12:55:00Z
6
value 0.00981
scoring_system epss
scoring_elements 0.76751
published_at 2026-04-04T12:55:00Z
7
value 0.00981
scoring_system epss
scoring_elements 0.76733
published_at 2026-04-07T12:55:00Z
8
value 0.00981
scoring_system epss
scoring_elements 0.76764
published_at 2026-04-08T12:55:00Z
9
value 0.00981
scoring_system epss
scoring_elements 0.76775
published_at 2026-04-09T12:55:00Z
10
value 0.00981
scoring_system epss
scoring_elements 0.76804
published_at 2026-04-11T12:55:00Z
11
value 0.00981
scoring_system epss
scoring_elements 0.76784
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-5121
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1402368
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1402368
2
reference_url https://www.mozilla.org/security/advisories/mfsa2018-02/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2018-02/
3
reference_url http://www.securityfocus.com/bid/102786
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/102786
4
reference_url http://www.securitytracker.com/id/1040270
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1040270
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
reference_id cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-5121
reference_id CVE-2018-5121
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2018-5121
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2018-02
reference_id mfsa2018-02
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2018-02
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2018-5121
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nexj-aaak-u7aq
168
url VCID-p1tr-p6je-dybj
vulnerability_id VCID-p1tr-p6je-dybj
summary This vulnerability allows an attacker to use the Mozilla Maintenance Service to escalate privilege by having the Maintenance Service invoke the Mozilla Updater to run malicious local files. This vulnerability requires local system access and is a variant of MFSA2013-44. *Note: this issue only affects Windows operating systems.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5295
reference_id
reference_type
scores
0
value 0.0008
scoring_system epss
scoring_elements 0.23529
published_at 2026-04-21T12:55:00Z
1
value 0.0008
scoring_system epss
scoring_elements 0.23528
published_at 2026-04-01T12:55:00Z
2
value 0.0008
scoring_system epss
scoring_elements 0.23545
published_at 2026-04-13T12:55:00Z
3
value 0.0008
scoring_system epss
scoring_elements 0.23557
published_at 2026-04-16T12:55:00Z
4
value 0.0008
scoring_system epss
scoring_elements 0.2355
published_at 2026-04-18T12:55:00Z
5
value 0.0008
scoring_system epss
scoring_elements 0.23688
published_at 2026-04-02T12:55:00Z
6
value 0.0008
scoring_system epss
scoring_elements 0.23729
published_at 2026-04-04T12:55:00Z
7
value 0.0008
scoring_system epss
scoring_elements 0.2351
published_at 2026-04-07T12:55:00Z
8
value 0.0008
scoring_system epss
scoring_elements 0.23581
published_at 2026-04-08T12:55:00Z
9
value 0.0008
scoring_system epss
scoring_elements 0.23627
published_at 2026-04-09T12:55:00Z
10
value 0.0008
scoring_system epss
scoring_elements 0.23643
published_at 2026-04-11T12:55:00Z
11
value 0.0008
scoring_system epss
scoring_elements 0.23601
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5295
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1247239
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1247239
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2013-44/
reference_id
reference_type
scores
url https://www.mozilla.org/en-US/security/advisories/mfsa2013-44/
3
reference_url https://www.mozilla.org/security/advisories/mfsa2016-89/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-89/
4
reference_url http://www.securityfocus.com/bid/94337
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94337
5
reference_url http://www.securitytracker.com/id/1037298
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037298
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-5295
reference_id CVE-2016-5295
reference_type
scores
0
value 4.6
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:P/I:P/A:P
1
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-5295
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-89
reference_id mfsa2016-89
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-89
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2016-5295
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p1tr-p6je-dybj
169
url VCID-p4kh-nd6b-jubh
vulnerability_id VCID-p4kh-nd6b-jubh
summary When drawing text onto a canvas with WebRender disabled, an out of bounds read could occur. *This bug only affects Firefox on Windows. Other operating systems are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-29968
reference_id
reference_type
scores
0
value 0.00296
scoring_system epss
scoring_elements 0.5291
published_at 2026-04-21T12:55:00Z
1
value 0.00296
scoring_system epss
scoring_elements 0.528
published_at 2026-04-01T12:55:00Z
2
value 0.00296
scoring_system epss
scoring_elements 0.5292
published_at 2026-04-16T12:55:00Z
3
value 0.00296
scoring_system epss
scoring_elements 0.52927
published_at 2026-04-18T12:55:00Z
4
value 0.00296
scoring_system epss
scoring_elements 0.52824
published_at 2026-04-02T12:55:00Z
5
value 0.00296
scoring_system epss
scoring_elements 0.5285
published_at 2026-04-04T12:55:00Z
6
value 0.00296
scoring_system epss
scoring_elements 0.52819
published_at 2026-04-07T12:55:00Z
7
value 0.00296
scoring_system epss
scoring_elements 0.5287
published_at 2026-04-08T12:55:00Z
8
value 0.00296
scoring_system epss
scoring_elements 0.52864
published_at 2026-04-09T12:55:00Z
9
value 0.00296
scoring_system epss
scoring_elements 0.52914
published_at 2026-04-11T12:55:00Z
10
value 0.00296
scoring_system epss
scoring_elements 0.52898
published_at 2026-04-12T12:55:00Z
11
value 0.00296
scoring_system epss
scoring_elements 0.52883
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-29968
1
reference_url https://security.archlinux.org/AVG-2074
reference_id AVG-2074
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2074
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-27
reference_id mfsa2021-27
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-27
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2021-29968
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p4kh-nd6b-jubh
170
url VCID-pber-bzw2-r3gw
vulnerability_id VCID-pber-bzw2-r3gw
summary The Mozilla Maintenance Service can be invoked by an unprivileged user to read 32 bytes of any arbitrary file on the local system by convincing the service that it is reading a status file provided by the Mozilla Windows Updater. The Mozilla Maintenance Service executes with privileged access, bypassing system protections against unprivileged users. *Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7768
reference_id
reference_type
scores
0
value 0.00046
scoring_system epss
scoring_elements 0.14212
published_at 2026-04-21T12:55:00Z
1
value 0.00046
scoring_system epss
scoring_elements 0.14306
published_at 2026-04-12T12:55:00Z
2
value 0.00046
scoring_system epss
scoring_elements 0.1425
published_at 2026-04-13T12:55:00Z
3
value 0.00046
scoring_system epss
scoring_elements 0.14141
published_at 2026-04-16T12:55:00Z
4
value 0.00046
scoring_system epss
scoring_elements 0.14138
published_at 2026-04-18T12:55:00Z
5
value 0.00046
scoring_system epss
scoring_elements 0.14302
published_at 2026-04-01T12:55:00Z
6
value 0.00046
scoring_system epss
scoring_elements 0.14387
published_at 2026-04-02T12:55:00Z
7
value 0.00046
scoring_system epss
scoring_elements 0.14453
published_at 2026-04-04T12:55:00Z
8
value 0.00046
scoring_system epss
scoring_elements 0.14259
published_at 2026-04-07T12:55:00Z
9
value 0.00046
scoring_system epss
scoring_elements 0.14342
published_at 2026-04-08T12:55:00Z
10
value 0.00046
scoring_system epss
scoring_elements 0.14398
published_at 2026-04-09T12:55:00Z
11
value 0.00046
scoring_system epss
scoring_elements 0.14346
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7768
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1336979
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1336979
2
reference_url https://www.mozilla.org/security/advisories/mfsa2017-15/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-15/
3
reference_url https://www.mozilla.org/security/advisories/mfsa2017-16/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-16/
4
reference_url http://www.securityfocus.com/bid/99057
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/99057
5
reference_url http://www.securitytracker.com/id/1038689
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1038689
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-7768
reference_id CVE-2017-7768
reference_type
scores
0
value 2.1
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:P/I:N/A:N
1
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2017-7768
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-15
reference_id mfsa2017-15
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-15
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-16
reference_id mfsa2017-16
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-16
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2017-7768
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pber-bzw2-r3gw
171
url VCID-phf8-uzdb-vber
vulnerability_id VCID-phf8-uzdb-vber
summary Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-29910
reference_id
reference_type
scores
0
value 0.00247
scoring_system epss
scoring_elements 0.47997
published_at 2026-04-21T12:55:00Z
1
value 0.00247
scoring_system epss
scoring_elements 0.47965
published_at 2026-04-02T12:55:00Z
2
value 0.00247
scoring_system epss
scoring_elements 0.48005
published_at 2026-04-11T12:55:00Z
3
value 0.00247
scoring_system epss
scoring_elements 0.47982
published_at 2026-04-12T12:55:00Z
4
value 0.00247
scoring_system epss
scoring_elements 0.47993
published_at 2026-04-13T12:55:00Z
5
value 0.00247
scoring_system epss
scoring_elements 0.48046
published_at 2026-04-16T12:55:00Z
6
value 0.00247
scoring_system epss
scoring_elements 0.48041
published_at 2026-04-18T12:55:00Z
7
value 0.00247
scoring_system epss
scoring_elements 0.47986
published_at 2026-04-04T12:55:00Z
8
value 0.00247
scoring_system epss
scoring_elements 0.47934
published_at 2026-04-07T12:55:00Z
9
value 0.00247
scoring_system epss
scoring_elements 0.47987
published_at 2026-04-08T12:55:00Z
10
value 0.00247
scoring_system epss
scoring_elements 0.47981
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-29910
1
reference_url https://security.gentoo.org/glsa/202208-08
reference_id GLSA-202208-08
reference_type
scores
url https://security.gentoo.org/glsa/202208-08
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-16
reference_id mfsa2022-16
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-16
3
reference_url https://www.mozilla.org/security/advisories/mfsa2022-16/
reference_id mfsa2022-16
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T13:45:34Z/
url https://www.mozilla.org/security/advisories/mfsa2022-16/
4
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1757138
reference_id show_bug.cgi?id=1757138
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T13:45:34Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1757138
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2022-29910
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-phf8-uzdb-vber
172
url VCID-pn68-e9g7-qbf1
vulnerability_id VCID-pn68-e9g7-qbf1
summary The executable file warning did not warn users before opening files with the terminal extension. *This bug only affects Thunderbird for macOS. Other versions of Thunderbird are unaffected.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6426.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6426.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-6426
reference_id
reference_type
scores
0
value 0.00042
scoring_system epss
scoring_elements 0.12839
published_at 2026-04-07T12:55:00Z
1
value 0.00042
scoring_system epss
scoring_elements 0.12989
published_at 2026-04-02T12:55:00Z
2
value 0.00042
scoring_system epss
scoring_elements 0.12968
published_at 2026-04-09T12:55:00Z
3
value 0.00042
scoring_system epss
scoring_elements 0.12918
published_at 2026-04-08T12:55:00Z
4
value 0.00042
scoring_system epss
scoring_elements 0.13039
published_at 2026-04-04T12:55:00Z
5
value 0.00046
scoring_system epss
scoring_elements 0.14109
published_at 2026-04-11T12:55:00Z
6
value 0.00046
scoring_system epss
scoring_elements 0.13899
published_at 2026-04-18T12:55:00Z
7
value 0.00046
scoring_system epss
scoring_elements 0.13908
published_at 2026-04-16T12:55:00Z
8
value 0.00046
scoring_system epss
scoring_elements 0.14014
published_at 2026-04-13T12:55:00Z
9
value 0.00046
scoring_system epss
scoring_elements 0.14068
published_at 2026-04-12T12:55:00Z
10
value 0.00138
scoring_system epss
scoring_elements 0.33771
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-6426
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2374560
reference_id 2374560
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2374560
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-51
reference_id mfsa2025-51
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-51
5
reference_url https://www.mozilla.org/security/advisories/mfsa2025-51/
reference_id mfsa2025-51
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-25T14:21:30Z/
url https://www.mozilla.org/security/advisories/mfsa2025-51/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-53
reference_id mfsa2025-53
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-53
7
reference_url https://www.mozilla.org/security/advisories/mfsa2025-53/
reference_id mfsa2025-53
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-25T14:21:30Z/
url https://www.mozilla.org/security/advisories/mfsa2025-53/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-54
reference_id mfsa2025-54
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-54
9
reference_url https://www.mozilla.org/security/advisories/mfsa2025-54/
reference_id mfsa2025-54
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-25T14:21:30Z/
url https://www.mozilla.org/security/advisories/mfsa2025-54/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-55
reference_id mfsa2025-55
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-55
11
reference_url https://www.mozilla.org/security/advisories/mfsa2025-55/
reference_id mfsa2025-55
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-25T14:21:30Z/
url https://www.mozilla.org/security/advisories/mfsa2025-55/
12
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1964385
reference_id show_bug.cgi?id=1964385
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-25T14:21:30Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1964385
13
reference_url https://usn.ubuntu.com/7663-1/
reference_id USN-7663-1
reference_type
scores
url https://usn.ubuntu.com/7663-1/
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2025-6426
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pn68-e9g7-qbf1
173
url VCID-prum-nfkw-a3gp
vulnerability_id VCID-prum-nfkw-a3gp
summary When in Private Browsing Mode on Windows 10, the Windows keyboard may retain word suggestions to improve the accuracy of the keyboard.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-17018
reference_id
reference_type
scores
0
value 0.00156
scoring_system epss
scoring_elements 0.36278
published_at 2026-04-21T12:55:00Z
1
value 0.00156
scoring_system epss
scoring_elements 0.36231
published_at 2026-04-01T12:55:00Z
2
value 0.00156
scoring_system epss
scoring_elements 0.36421
published_at 2026-04-02T12:55:00Z
3
value 0.00156
scoring_system epss
scoring_elements 0.36454
published_at 2026-04-04T12:55:00Z
4
value 0.00156
scoring_system epss
scoring_elements 0.36288
published_at 2026-04-07T12:55:00Z
5
value 0.00156
scoring_system epss
scoring_elements 0.36337
published_at 2026-04-08T12:55:00Z
6
value 0.00156
scoring_system epss
scoring_elements 0.36358
published_at 2026-04-09T12:55:00Z
7
value 0.00156
scoring_system epss
scoring_elements 0.36365
published_at 2026-04-11T12:55:00Z
8
value 0.00156
scoring_system epss
scoring_elements 0.36328
published_at 2026-04-12T12:55:00Z
9
value 0.00156
scoring_system epss
scoring_elements 0.36307
published_at 2026-04-13T12:55:00Z
10
value 0.00156
scoring_system epss
scoring_elements 0.36349
published_at 2026-04-16T12:55:00Z
11
value 0.00156
scoring_system epss
scoring_elements 0.36333
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-17018
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-01
reference_id mfsa2020-01
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-01
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2019-17018
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-prum-nfkw-a3gp
174
url VCID-q2t7-31ux-cyc6
vulnerability_id VCID-q2t7-31ux-cyc6
summary On Windows systems, the logger run by the Windows updater deletes the file "update.log" before it runs in order to write a new log of that name. The path to this file is supplied at the command line to the updater and could be used in concert with another local exploit to delete a different file named "update.log" instead of the one intended. *Note: This attack only affects Windows operating systems. Other operating systems are not affected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7796
reference_id
reference_type
scores
0
value 0.00057
scoring_system epss
scoring_elements 0.17858
published_at 2026-04-21T12:55:00Z
1
value 0.00057
scoring_system epss
scoring_elements 0.17881
published_at 2026-04-01T12:55:00Z
2
value 0.00057
scoring_system epss
scoring_elements 0.17868
published_at 2026-04-13T12:55:00Z
3
value 0.00057
scoring_system epss
scoring_elements 0.17811
published_at 2026-04-16T12:55:00Z
4
value 0.00057
scoring_system epss
scoring_elements 0.17821
published_at 2026-04-18T12:55:00Z
5
value 0.00057
scoring_system epss
scoring_elements 0.18041
published_at 2026-04-02T12:55:00Z
6
value 0.00057
scoring_system epss
scoring_elements 0.18096
published_at 2026-04-04T12:55:00Z
7
value 0.00057
scoring_system epss
scoring_elements 0.17798
published_at 2026-04-07T12:55:00Z
8
value 0.00057
scoring_system epss
scoring_elements 0.17885
published_at 2026-04-08T12:55:00Z
9
value 0.00057
scoring_system epss
scoring_elements 0.17946
published_at 2026-04-09T12:55:00Z
10
value 0.00057
scoring_system epss
scoring_elements 0.17963
published_at 2026-04-11T12:55:00Z
11
value 0.00057
scoring_system epss
scoring_elements 0.17918
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7796
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1234401
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1234401
2
reference_url https://www.mozilla.org/security/advisories/mfsa2017-18/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-18/
3
reference_url http://www.securitytracker.com/id/1039124
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1039124
4
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-7796
reference_id CVE-2017-7796
reference_type
scores
0
value 3.3
scoring_system cvssv2
scoring_elements AV:L/AC:M/Au:N/C:N/I:P/A:P
1
value 4.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2017-7796
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-18
reference_id mfsa2017-18
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-18
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2017-7796
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q2t7-31ux-cyc6
175
url VCID-q4x5-dz5r-jqgr
vulnerability_id VCID-q4x5-dz5r-jqgr
summary 
Multiple vulnerabilities have been found in Mozilla Firefox and
    Thunderbird the worst of which could lead to the execution of arbitrary
    code.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-2946.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-2946.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2016-2973.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-2973.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9905.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9905.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9905
reference_id
reference_type
scores
0
value 0.01174
scoring_system epss
scoring_elements 0.78714
published_at 2026-04-21T12:55:00Z
1
value 0.01174
scoring_system epss
scoring_elements 0.78716
published_at 2026-04-11T12:55:00Z
2
value 0.01174
scoring_system epss
scoring_elements 0.78698
published_at 2026-04-12T12:55:00Z
3
value 0.01174
scoring_system epss
scoring_elements 0.7869
published_at 2026-04-13T12:55:00Z
4
value 0.01174
scoring_system epss
scoring_elements 0.78719
published_at 2026-04-16T12:55:00Z
5
value 0.01174
scoring_system epss
scoring_elements 0.78717
published_at 2026-04-18T12:55:00Z
6
value 0.01174
scoring_system epss
scoring_elements 0.78642
published_at 2026-04-01T12:55:00Z
7
value 0.01174
scoring_system epss
scoring_elements 0.78648
published_at 2026-04-02T12:55:00Z
8
value 0.01174
scoring_system epss
scoring_elements 0.78679
published_at 2026-04-04T12:55:00Z
9
value 0.01174
scoring_system epss
scoring_elements 0.78659
published_at 2026-04-07T12:55:00Z
10
value 0.01174
scoring_system epss
scoring_elements 0.78685
published_at 2026-04-08T12:55:00Z
11
value 0.01174
scoring_system epss
scoring_elements 0.78692
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9905
4
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1293985
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1293985
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9905
15
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
16
reference_url https://www.debian.org/security/2017/dsa-3757
reference_id
reference_type
scores
url https://www.debian.org/security/2017/dsa-3757
17
reference_url https://www.mozilla.org/security/advisories/mfsa2016-95/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-95/
18
reference_url https://www.mozilla.org/security/advisories/mfsa2016-96/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-96/
19
reference_url http://www.securityfocus.com/bid/94884
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94884
20
reference_url http://www.securitytracker.com/id/1037462
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037462
21
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1404094
reference_id 1404094
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1404094
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9905
reference_id CVE-2016-9905
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
1
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-9905
35
reference_url https://security.gentoo.org/glsa/201701-15
reference_id GLSA-201701-15
reference_type
scores
url https://security.gentoo.org/glsa/201701-15
36
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-95
reference_id mfsa2016-95
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-95
37
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-96
reference_id mfsa2016-96
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-96
38
reference_url https://access.redhat.com/errata/RHSA-2016:2946
reference_id RHSA-2016:2946
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2946
39
reference_url https://access.redhat.com/errata/RHSA-2016:2973
reference_id RHSA-2016:2973
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2973
40
reference_url https://usn.ubuntu.com/3165-1/
reference_id USN-3165-1
reference_type
scores
url https://usn.ubuntu.com/3165-1/
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2016-9905
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q4x5-dz5r-jqgr
176
url VCID-qb3k-wy5x-buh4
vulnerability_id VCID-qb3k-wy5x-buh4
summary Long hostnames in URLs could be leveraged to obscure the actual host of the website or spoof the website address
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-23109
reference_id
reference_type
scores
0
value 0.00652
scoring_system epss
scoring_elements 0.70911
published_at 2026-04-11T12:55:00Z
1
value 0.00652
scoring_system epss
scoring_elements 0.70836
published_at 2026-04-02T12:55:00Z
2
value 0.00652
scoring_system epss
scoring_elements 0.70854
published_at 2026-04-04T12:55:00Z
3
value 0.00652
scoring_system epss
scoring_elements 0.70829
published_at 2026-04-07T12:55:00Z
4
value 0.00652
scoring_system epss
scoring_elements 0.70872
published_at 2026-04-08T12:55:00Z
5
value 0.00652
scoring_system epss
scoring_elements 0.70888
published_at 2026-04-09T12:55:00Z
6
value 0.00884
scoring_system epss
scoring_elements 0.75466
published_at 2026-04-18T12:55:00Z
7
value 0.00884
scoring_system epss
scoring_elements 0.75461
published_at 2026-04-16T12:55:00Z
8
value 0.00884
scoring_system epss
scoring_elements 0.75419
published_at 2026-04-13T12:55:00Z
9
value 0.00884
scoring_system epss
scoring_elements 0.7543
published_at 2026-04-12T12:55:00Z
10
value 0.01136
scoring_system epss
scoring_elements 0.78403
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-23109
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-06
reference_id mfsa2025-06
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-06
2
reference_url https://www.mozilla.org/security/advisories/mfsa2025-06/
reference_id mfsa2025-06
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-13T17:38:40Z/
url https://www.mozilla.org/security/advisories/mfsa2025-06/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1419275
reference_id show_bug.cgi?id=1419275
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-13T17:38:40Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1419275
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2025-23109
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qb3k-wy5x-buh4
177
url VCID-qewm-wn6h-b3f3
vulnerability_id VCID-qewm-wn6h-b3f3
summary OneCRL was non-functional in the new Firefox for Android due to a missing service initialization. This could result in a failure to enforce some certificate revocations.*Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-26957
reference_id
reference_type
scores
0
value 0.00178
scoring_system epss
scoring_elements 0.39281
published_at 2026-04-21T12:55:00Z
1
value 0.00178
scoring_system epss
scoring_elements 0.39208
published_at 2026-04-01T12:55:00Z
2
value 0.00178
scoring_system epss
scoring_elements 0.39381
published_at 2026-04-02T12:55:00Z
3
value 0.00178
scoring_system epss
scoring_elements 0.39405
published_at 2026-04-04T12:55:00Z
4
value 0.00178
scoring_system epss
scoring_elements 0.39319
published_at 2026-04-07T12:55:00Z
5
value 0.00178
scoring_system epss
scoring_elements 0.39374
published_at 2026-04-08T12:55:00Z
6
value 0.00178
scoring_system epss
scoring_elements 0.39391
published_at 2026-04-09T12:55:00Z
7
value 0.00178
scoring_system epss
scoring_elements 0.39402
published_at 2026-04-11T12:55:00Z
8
value 0.00178
scoring_system epss
scoring_elements 0.39363
published_at 2026-04-12T12:55:00Z
9
value 0.00178
scoring_system epss
scoring_elements 0.39344
published_at 2026-04-13T12:55:00Z
10
value 0.00178
scoring_system epss
scoring_elements 0.39396
published_at 2026-04-16T12:55:00Z
11
value 0.00178
scoring_system epss
scoring_elements 0.39368
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-26957
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-50
reference_id mfsa2020-50
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-50
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2020-26957
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qewm-wn6h-b3f3
178
url VCID-qm3n-zmh9-afgy
vulnerability_id VCID-qm3n-zmh9-afgy
summary By triggering multiple pop-up prompts containing javascript: URLs, a malicious webpage could have forced a Firefox for Android user into executing attacker-controlled JavaScript in the context of another domain, resulting in a Universal Cross-Site Scripting vulnerability.*Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29953.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29953.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-29953
reference_id
reference_type
scores
0
value 0.00392
scoring_system epss
scoring_elements 0.60103
published_at 2026-04-01T12:55:00Z
1
value 0.00392
scoring_system epss
scoring_elements 0.60262
published_at 2026-04-21T12:55:00Z
2
value 0.00392
scoring_system epss
scoring_elements 0.60268
published_at 2026-04-16T12:55:00Z
3
value 0.00392
scoring_system epss
scoring_elements 0.60275
published_at 2026-04-18T12:55:00Z
4
value 0.00392
scoring_system epss
scoring_elements 0.6018
published_at 2026-04-02T12:55:00Z
5
value 0.00392
scoring_system epss
scoring_elements 0.60205
published_at 2026-04-04T12:55:00Z
6
value 0.00392
scoring_system epss
scoring_elements 0.60174
published_at 2026-04-07T12:55:00Z
7
value 0.00392
scoring_system epss
scoring_elements 0.60223
published_at 2026-04-08T12:55:00Z
8
value 0.00392
scoring_system epss
scoring_elements 0.60238
published_at 2026-04-09T12:55:00Z
9
value 0.00392
scoring_system epss
scoring_elements 0.60259
published_at 2026-04-11T12:55:00Z
10
value 0.00392
scoring_system epss
scoring_elements 0.60245
published_at 2026-04-12T12:55:00Z
11
value 0.00392
scoring_system epss
scoring_elements 0.60228
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-29953
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1961493
reference_id 1961493
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1961493
3
reference_url https://security.archlinux.org/AVG-1918
reference_id AVG-1918
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1918
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-20
reference_id mfsa2021-20
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-20
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2021-29953
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qm3n-zmh9-afgy
179
url VCID-qnk9-a332-dbfg
vulnerability_id VCID-qnk9-a332-dbfg
summary A crafted URL using a blob: URI could have hidden the true origin of the page, resulting in a potential spoofing attack.*Note: This issue only affected Android operating systems. Other operating systems are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-8364
reference_id
reference_type
scores
0
value 0.00034
scoring_system epss
scoring_elements 0.10109
published_at 2026-04-21T12:55:00Z
1
value 0.00034
scoring_system epss
scoring_elements 0.10054
published_at 2026-04-02T12:55:00Z
2
value 0.00034
scoring_system epss
scoring_elements 0.10089
published_at 2026-04-08T12:55:00Z
3
value 0.00034
scoring_system epss
scoring_elements 0.10149
published_at 2026-04-09T12:55:00Z
4
value 0.00034
scoring_system epss
scoring_elements 0.10188
published_at 2026-04-11T12:55:00Z
5
value 0.00034
scoring_system epss
scoring_elements 0.10148
published_at 2026-04-12T12:55:00Z
6
value 0.00034
scoring_system epss
scoring_elements 0.10127
published_at 2026-04-13T12:55:00Z
7
value 0.00034
scoring_system epss
scoring_elements 0.1
published_at 2026-04-16T12:55:00Z
8
value 0.00034
scoring_system epss
scoring_elements 0.09977
published_at 2026-04-18T12:55:00Z
9
value 0.00034
scoring_system epss
scoring_elements 0.10114
published_at 2026-04-04T12:55:00Z
10
value 0.00034
scoring_system epss
scoring_elements 0.10012
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-8364
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-56
reference_id mfsa2025-56
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-56
2
reference_url https://www.mozilla.org/security/advisories/mfsa2025-56/
reference_id mfsa2025-56
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-20T14:03:15Z/
url https://www.mozilla.org/security/advisories/mfsa2025-56/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1909609
reference_id show_bug.cgi?id=1909609
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-20T14:03:15Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1909609
4
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1969937
reference_id show_bug.cgi?id=1969937
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-20T14:03:15Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1969937
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2025-8364
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qnk9-a332-dbfg
180
url VCID-qqxg-94u9-m7cm
vulnerability_id VCID-qqxg-94u9-m7cm
summary The cache directory on the local file system is set to be world writable. Firefox defaults to extracting libraries from this cache. This allows for the possibility of an installed malicious application or tools with write access to the file system to replace files used by Firefox with their own versions.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-5397
reference_id
reference_type
scores
0
value 0.00527
scoring_system epss
scoring_elements 0.67065
published_at 2026-04-21T12:55:00Z
1
value 0.00527
scoring_system epss
scoring_elements 0.66965
published_at 2026-04-01T12:55:00Z
2
value 0.00527
scoring_system epss
scoring_elements 0.67037
published_at 2026-04-13T12:55:00Z
3
value 0.00527
scoring_system epss
scoring_elements 0.6707
published_at 2026-04-16T12:55:00Z
4
value 0.00527
scoring_system epss
scoring_elements 0.67085
published_at 2026-04-18T12:55:00Z
5
value 0.00527
scoring_system epss
scoring_elements 0.67003
published_at 2026-04-02T12:55:00Z
6
value 0.00527
scoring_system epss
scoring_elements 0.67027
published_at 2026-04-04T12:55:00Z
7
value 0.00527
scoring_system epss
scoring_elements 0.67001
published_at 2026-04-07T12:55:00Z
8
value 0.00527
scoring_system epss
scoring_elements 0.67051
published_at 2026-04-08T12:55:00Z
9
value 0.00527
scoring_system epss
scoring_elements 0.67063
published_at 2026-04-09T12:55:00Z
10
value 0.00527
scoring_system epss
scoring_elements 0.67082
published_at 2026-04-11T12:55:00Z
11
value 0.00527
scoring_system epss
scoring_elements 0.67068
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-5397
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1337304
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1337304
2
reference_url https://www.mozilla.org/security/advisories/mfsa2017-04/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-04/
3
reference_url http://www.securityfocus.com/bid/96144
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/96144
4
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-5397
reference_id CVE-2017-5397
reference_type
scores
0
value 10.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:C/I:C/A:C
1
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2017-5397
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-04
reference_id mfsa2017-04
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-04
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2017-5397
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qqxg-94u9-m7cm
181
url VCID-qrsj-pbnc-a7bt
vulnerability_id VCID-qrsj-pbnc-a7bt
summary A spoofing vulnerability can occur when a malicious site with an extremely long domain name is opened in an Android Custom Tab (a browser panel inside another app) and the default browser is Firefox for Android. This could allow an attacker to spoof which page is actually loaded and in use. *Note: this issue only affects Firefox for Android. Other versions and operating systems are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-5138
reference_id
reference_type
scores
0
value 0.00807
scoring_system epss
scoring_elements 0.74217
published_at 2026-04-21T12:55:00Z
1
value 0.00807
scoring_system epss
scoring_elements 0.7413
published_at 2026-04-01T12:55:00Z
2
value 0.00807
scoring_system epss
scoring_elements 0.74178
published_at 2026-04-13T12:55:00Z
3
value 0.00807
scoring_system epss
scoring_elements 0.74216
published_at 2026-04-16T12:55:00Z
4
value 0.00807
scoring_system epss
scoring_elements 0.74225
published_at 2026-04-18T12:55:00Z
5
value 0.00807
scoring_system epss
scoring_elements 0.74135
published_at 2026-04-02T12:55:00Z
6
value 0.00807
scoring_system epss
scoring_elements 0.74161
published_at 2026-04-04T12:55:00Z
7
value 0.00807
scoring_system epss
scoring_elements 0.74133
published_at 2026-04-07T12:55:00Z
8
value 0.00807
scoring_system epss
scoring_elements 0.74166
published_at 2026-04-08T12:55:00Z
9
value 0.00807
scoring_system epss
scoring_elements 0.74181
published_at 2026-04-09T12:55:00Z
10
value 0.00807
scoring_system epss
scoring_elements 0.74202
published_at 2026-04-11T12:55:00Z
11
value 0.00807
scoring_system epss
scoring_elements 0.74185
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-5138
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1432624
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1432624
2
reference_url https://www.mozilla.org/security/advisories/mfsa2018-06/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2018-06/
3
reference_url http://www.securityfocus.com/bid/103386
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/103386
4
reference_url http://www.securitytracker.com/id/1040514
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1040514
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-5138
reference_id CVE-2018-5138
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2018-5138
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2018-06
reference_id mfsa2018-06
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2018-06
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2018-5138
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qrsj-pbnc-a7bt
182
url VCID-qu3v-meay-f3dh
vulnerability_id VCID-qu3v-meay-f3dh
summary Android apps can load web pages using the Custom Tabs feature. This feature supports a transition animation that could have been used to trick a user into granting sensitive permissions by hiding what the user was actually clicking.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1939.json
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1939.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-1939
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06551
published_at 2026-04-02T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06588
published_at 2026-04-04T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06665
published_at 2026-04-09T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06622
published_at 2026-04-08T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06572
published_at 2026-04-07T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06658
published_at 2026-04-11T12:55:00Z
6
value 0.00131
scoring_system epss
scoring_elements 0.32585
published_at 2026-04-21T12:55:00Z
7
value 0.00131
scoring_system epss
scoring_elements 0.32627
published_at 2026-04-12T12:55:00Z
8
value 0.00131
scoring_system epss
scoring_elements 0.32599
published_at 2026-04-13T12:55:00Z
9
value 0.00131
scoring_system epss
scoring_elements 0.32637
published_at 2026-04-16T12:55:00Z
10
value 0.00131
scoring_system epss
scoring_elements 0.32615
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-1939
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2349798
reference_id 2349798
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2349798
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-14
reference_id mfsa2025-14
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-14
4
reference_url https://www.mozilla.org/security/advisories/mfsa2025-14/
reference_id mfsa2025-14
reference_type
scores
0
value 3.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T16:11:36Z/
url https://www.mozilla.org/security/advisories/mfsa2025-14/
5
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1928334
reference_id show_bug.cgi?id=1928334
reference_type
scores
0
value 3.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T16:11:36Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1928334
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2025-1939
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qu3v-meay-f3dh
183
url VCID-qu9b-rst3-v7fa
vulnerability_id VCID-qu9b-rst3-v7fa
summary 
Security researcher Frédéric Hoguin reported a mechanism where the
Mozilla Windows updater could be used to overwrite arbitrary files. He found that files
extracted by the updater from a MAR archive are not locked for writing and
can be overwritten by other processes while the updater is running. A malicious local
program could invoke the updater and then interfere with the extracted files, replacing
them with its own. This vulnerability could be used for privilege escalation if these
overwritten files were later invoked by other Windows components that had higher
privileges. 
This issue does not affect non-Windows operating systems.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2826
reference_id
reference_type
scores
0
value 0.00053
scoring_system epss
scoring_elements 0.16615
published_at 2026-04-21T12:55:00Z
1
value 0.00053
scoring_system epss
scoring_elements 0.16589
published_at 2026-04-01T12:55:00Z
2
value 0.00053
scoring_system epss
scoring_elements 0.16688
published_at 2026-04-12T12:55:00Z
3
value 0.00053
scoring_system epss
scoring_elements 0.16631
published_at 2026-04-13T12:55:00Z
4
value 0.00053
scoring_system epss
scoring_elements 0.16568
published_at 2026-04-16T12:55:00Z
5
value 0.00053
scoring_system epss
scoring_elements 0.16576
published_at 2026-04-18T12:55:00Z
6
value 0.00053
scoring_system epss
scoring_elements 0.16769
published_at 2026-04-02T12:55:00Z
7
value 0.00053
scoring_system epss
scoring_elements 0.16826
published_at 2026-04-04T12:55:00Z
8
value 0.00053
scoring_system epss
scoring_elements 0.16612
published_at 2026-04-07T12:55:00Z
9
value 0.00053
scoring_system epss
scoring_elements 0.16697
published_at 2026-04-08T12:55:00Z
10
value 0.00053
scoring_system epss
scoring_elements 0.16751
published_at 2026-04-09T12:55:00Z
11
value 0.00053
scoring_system epss
scoring_elements 0.16731
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2826
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1237219
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1237219
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.1
scoring_system cvssv2
scoring_elements AV:L/AC:M/Au:S/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url http://www.mozilla.org/security/announce/2016/mfsa2016-55.html
reference_id
reference_type
scores
url http://www.mozilla.org/security/announce/2016/mfsa2016-55.html
4
reference_url http://www.securityfocus.com/bid/91075
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/91075
5
reference_url http://www.securitytracker.com/id/1036057
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1036057
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.0:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:45.1.1:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
reference_id cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2826
reference_id CVE-2016-2826
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2826
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-2826
reference_id CVE-2016-2826
reference_type
scores
0
value 7.2
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:C/I:C/A:C
1
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-2826
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-55
reference_id mfsa2016-55
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-55
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2016-2826
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qu9b-rst3-v7fa
184
url VCID-qw5k-tgdz-vkcw
vulnerability_id VCID-qw5k-tgdz-vkcw
summary The Mozilla Windows updater can be called by a non-privileged user to delete an arbitrary local file by passing a special path to the callback parameter through the Mozilla Maintenance Service, which has privileged access. *Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-5409
reference_id
reference_type
scores
0
value 0.00109
scoring_system epss
scoring_elements 0.29143
published_at 2026-04-21T12:55:00Z
1
value 0.00109
scoring_system epss
scoring_elements 0.29285
published_at 2026-04-11T12:55:00Z
2
value 0.00109
scoring_system epss
scoring_elements 0.29238
published_at 2026-04-12T12:55:00Z
3
value 0.00109
scoring_system epss
scoring_elements 0.29186
published_at 2026-04-13T12:55:00Z
4
value 0.00109
scoring_system epss
scoring_elements 0.29213
published_at 2026-04-16T12:55:00Z
5
value 0.00109
scoring_system epss
scoring_elements 0.29188
published_at 2026-04-18T12:55:00Z
6
value 0.00109
scoring_system epss
scoring_elements 0.2924
published_at 2026-04-01T12:55:00Z
7
value 0.00109
scoring_system epss
scoring_elements 0.29314
published_at 2026-04-02T12:55:00Z
8
value 0.00109
scoring_system epss
scoring_elements 0.29362
published_at 2026-04-04T12:55:00Z
9
value 0.00109
scoring_system epss
scoring_elements 0.29175
published_at 2026-04-07T12:55:00Z
10
value 0.00109
scoring_system epss
scoring_elements 0.29239
published_at 2026-04-08T12:55:00Z
11
value 0.00109
scoring_system epss
scoring_elements 0.29279
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-5409
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1321814
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1321814
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 1.5
scoring_system cvssv2
scoring_elements AV:L/AC:M/Au:S/C:N/I:P/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://www.mozilla.org/security/advisories/mfsa2017-05/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-05/
4
reference_url https://www.mozilla.org/security/advisories/mfsa2017-06/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-06/
5
reference_url http://www.securityfocus.com/bid/96696
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/96696
6
reference_url http://www.securitytracker.com/id/1037966
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037966
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-5409
reference_id CVE-2017-5409
reference_type
scores
0
value 3.6
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:N/I:P/A:P
1
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2017-5409
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-05
reference_id mfsa2017-05
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-05
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-06
reference_id mfsa2017-06
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-06
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2017-5409
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qw5k-tgdz-vkcw
185
url VCID-r5rm-yv4h-4kc3
vulnerability_id VCID-r5rm-yv4h-4kc3
summary Information disclosure due to uninitialized memory in Firefox and Firefox Focus for Android. This vulnerability affects Firefox < 148.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2794.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2794.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2794
reference_id
reference_type
scores
0
value 0.00038
scoring_system epss
scoring_elements 0.11536
published_at 2026-04-21T12:55:00Z
1
value 0.00038
scoring_system epss
scoring_elements 0.11544
published_at 2026-04-08T12:55:00Z
2
value 0.00038
scoring_system epss
scoring_elements 0.11604
published_at 2026-04-09T12:55:00Z
3
value 0.00038
scoring_system epss
scoring_elements 0.11614
published_at 2026-04-11T12:55:00Z
4
value 0.00038
scoring_system epss
scoring_elements 0.11578
published_at 2026-04-12T12:55:00Z
5
value 0.00038
scoring_system epss
scoring_elements 0.11552
published_at 2026-04-13T12:55:00Z
6
value 0.00038
scoring_system epss
scoring_elements 0.11413
published_at 2026-04-18T12:55:00Z
7
value 0.00038
scoring_system epss
scoring_elements 0.11615
published_at 2026-04-02T12:55:00Z
8
value 0.00038
scoring_system epss
scoring_elements 0.11672
published_at 2026-04-04T12:55:00Z
9
value 0.00038
scoring_system epss
scoring_elements 0.11459
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2794
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442286
reference_id 2442286
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442286
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
reference_id mfsa2026-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
5
reference_url https://www.mozilla.org/security/advisories/mfsa2026-13/
reference_id mfsa2026-13
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T20:18:03Z/
url https://www.mozilla.org/security/advisories/mfsa2026-13/
6
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2008365
reference_id show_bug.cgi?id=2008365
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T20:18:03Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2008365
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2026-2794
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r5rm-yv4h-4kc3
186
url VCID-rakk-h5vn-kbaw
vulnerability_id VCID-rakk-h5vn-kbaw
summary 
Given an installed malicious file picker application, an attacker was able to steal and upload local files of their choosing, regardless of the actually files picked.
*Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15649.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15649.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-15649
reference_id
reference_type
scores
0
value 0.00243
scoring_system epss
scoring_elements 0.47465
published_at 2026-04-07T12:55:00Z
1
value 0.00243
scoring_system epss
scoring_elements 0.47495
published_at 2026-04-02T12:55:00Z
2
value 0.00243
scoring_system epss
scoring_elements 0.47516
published_at 2026-04-09T12:55:00Z
3
value 0.00243
scoring_system epss
scoring_elements 0.47519
published_at 2026-04-08T12:55:00Z
4
value 0.00243
scoring_system epss
scoring_elements 0.47538
published_at 2026-04-11T12:55:00Z
5
value 0.00243
scoring_system epss
scoring_elements 0.47514
published_at 2026-04-12T12:55:00Z
6
value 0.00243
scoring_system epss
scoring_elements 0.47522
published_at 2026-04-13T12:55:00Z
7
value 0.00243
scoring_system epss
scoring_elements 0.47581
published_at 2026-04-16T12:55:00Z
8
value 0.00243
scoring_system epss
scoring_elements 0.47574
published_at 2026-04-18T12:55:00Z
9
value 0.00243
scoring_system epss
scoring_elements 0.47525
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-15649
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1870408
reference_id 1870408
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1870408
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-31
reference_id mfsa2020-31
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-31
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2020-15649
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rakk-h5vn-kbaw
187
url VCID-rpu7-by29-4fc5
vulnerability_id VCID-rpu7-by29-4fc5
summary Under certain circumstances, navigating to a webpage would result in the address missing from the location URL bar, making it unclear what the URL was for the loaded webpage.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-53976
reference_id
reference_type
scores
0
value 0.00175
scoring_system epss
scoring_elements 0.38964
published_at 2026-04-09T12:55:00Z
1
value 0.00175
scoring_system epss
scoring_elements 0.38958
published_at 2026-04-16T12:55:00Z
2
value 0.00175
scoring_system epss
scoring_elements 0.38911
published_at 2026-04-13T12:55:00Z
3
value 0.00175
scoring_system epss
scoring_elements 0.38938
published_at 2026-04-12T12:55:00Z
4
value 0.00175
scoring_system epss
scoring_elements 0.38975
published_at 2026-04-11T12:55:00Z
5
value 0.00175
scoring_system epss
scoring_elements 0.38947
published_at 2026-04-02T12:55:00Z
6
value 0.00175
scoring_system epss
scoring_elements 0.38967
published_at 2026-04-04T12:55:00Z
7
value 0.00175
scoring_system epss
scoring_elements 0.38897
published_at 2026-04-07T12:55:00Z
8
value 0.00175
scoring_system epss
scoring_elements 0.3895
published_at 2026-04-08T12:55:00Z
9
value 0.00237
scoring_system epss
scoring_elements 0.46844
published_at 2026-04-21T12:55:00Z
10
value 0.00237
scoring_system epss
scoring_elements 0.46895
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-53976
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-66
reference_id mfsa2024-66
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-66
2
reference_url https://www.mozilla.org/security/advisories/mfsa2024-66/
reference_id mfsa2024-66
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-26T15:28:46Z/
url https://www.mozilla.org/security/advisories/mfsa2024-66/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1905749
reference_id show_bug.cgi?id=1905749
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-26T15:28:46Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1905749
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2024-53976
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rpu7-by29-4fc5
188
url VCID-rr5w-77jr-uygh
vulnerability_id VCID-rr5w-77jr-uygh
summary During startup, a graphics driver with an unexpected name could lead to a stack-buffer overflow causing a potentially exploitable crash.*This issue only affects Firefox for Android. Other operating systems are not affected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-40961
reference_id
reference_type
scores
0
value 0.00399
scoring_system epss
scoring_elements 0.60677
published_at 2026-04-21T12:55:00Z
1
value 0.00399
scoring_system epss
scoring_elements 0.6059
published_at 2026-04-07T12:55:00Z
2
value 0.00399
scoring_system epss
scoring_elements 0.60678
published_at 2026-04-11T12:55:00Z
3
value 0.00399
scoring_system epss
scoring_elements 0.60663
published_at 2026-04-12T12:55:00Z
4
value 0.00399
scoring_system epss
scoring_elements 0.60642
published_at 2026-04-13T12:55:00Z
5
value 0.00399
scoring_system epss
scoring_elements 0.60685
published_at 2026-04-16T12:55:00Z
6
value 0.00399
scoring_system epss
scoring_elements 0.60691
published_at 2026-04-18T12:55:00Z
7
value 0.00399
scoring_system epss
scoring_elements 0.6062
published_at 2026-04-04T12:55:00Z
8
value 0.00399
scoring_system epss
scoring_elements 0.60638
published_at 2026-04-08T12:55:00Z
9
value 0.00399
scoring_system epss
scoring_elements 0.60654
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-40961
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-40
reference_id mfsa2022-40
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-40
2
reference_url https://www.mozilla.org/security/advisories/mfsa2022-40/
reference_id mfsa2022-40
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T14:49:54Z/
url https://www.mozilla.org/security/advisories/mfsa2022-40/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1784588
reference_id show_bug.cgi?id=1784588
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T14:49:54Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1784588
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2022-40961
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rr5w-77jr-uygh
189
url VCID-rsy6-acfe-ffb5
vulnerability_id VCID-rsy6-acfe-ffb5
summary The constructed curl command from the "Copy as curl" feature in DevTools was not properly escaped for PowerShell. This could have lead to command injection if pasted into a Powershell prompt.*This bug only affects Firefox for Windows. Other operating systems are unaffected.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22744.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22744.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-22744
reference_id
reference_type
scores
0
value 0.00443
scoring_system epss
scoring_elements 0.63349
published_at 2026-04-21T12:55:00Z
1
value 0.00443
scoring_system epss
scoring_elements 0.63371
published_at 2026-04-18T12:55:00Z
2
value 0.00443
scoring_system epss
scoring_elements 0.63302
published_at 2026-04-02T12:55:00Z
3
value 0.00443
scoring_system epss
scoring_elements 0.63363
published_at 2026-04-16T12:55:00Z
4
value 0.00443
scoring_system epss
scoring_elements 0.63329
published_at 2026-04-13T12:55:00Z
5
value 0.00443
scoring_system epss
scoring_elements 0.63382
published_at 2026-04-11T12:55:00Z
6
value 0.00443
scoring_system epss
scoring_elements 0.63365
published_at 2026-04-12T12:55:00Z
7
value 0.00443
scoring_system epss
scoring_elements 0.63347
published_at 2026-04-08T12:55:00Z
8
value 0.00443
scoring_system epss
scoring_elements 0.6333
published_at 2026-04-04T12:55:00Z
9
value 0.00443
scoring_system epss
scoring_elements 0.63296
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-22744
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2039571
reference_id 2039571
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2039571
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-01
reference_id mfsa2022-01
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-01
4
reference_url https://www.mozilla.org/security/advisories/mfsa2022-01/
reference_id mfsa2022-01
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T15:10:40Z/
url https://www.mozilla.org/security/advisories/mfsa2022-01/
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-02
reference_id mfsa2022-02
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-02
6
reference_url https://www.mozilla.org/security/advisories/mfsa2022-02/
reference_id mfsa2022-02
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T15:10:40Z/
url https://www.mozilla.org/security/advisories/mfsa2022-02/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-03
reference_id mfsa2022-03
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-03
8
reference_url https://www.mozilla.org/security/advisories/mfsa2022-03/
reference_id mfsa2022-03
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T15:10:40Z/
url https://www.mozilla.org/security/advisories/mfsa2022-03/
9
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1737252
reference_id show_bug.cgi?id=1737252
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T15:10:40Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1737252
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2022-22744
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rsy6-acfe-ffb5
190
url VCID-rwu8-zz41-1kav
vulnerability_id VCID-rwu8-zz41-1kav
summary Weak proxy objects have weak references on multiple threads when they should only have them on one, resulting in incorrect memory usage and corruption, which leads to potentially exploitable crashes. *Note: This issue only affects Firefox for Android. Other operating systems are not affected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-5392
reference_id
reference_type
scores
0
value 0.01847
scoring_system epss
scoring_elements 0.83024
published_at 2026-04-21T12:55:00Z
1
value 0.01847
scoring_system epss
scoring_elements 0.82917
published_at 2026-04-01T12:55:00Z
2
value 0.01847
scoring_system epss
scoring_elements 0.82985
published_at 2026-04-12T12:55:00Z
3
value 0.01847
scoring_system epss
scoring_elements 0.82981
published_at 2026-04-13T12:55:00Z
4
value 0.01847
scoring_system epss
scoring_elements 0.8302
published_at 2026-04-18T12:55:00Z
5
value 0.01847
scoring_system epss
scoring_elements 0.82934
published_at 2026-04-02T12:55:00Z
6
value 0.01847
scoring_system epss
scoring_elements 0.82946
published_at 2026-04-04T12:55:00Z
7
value 0.01847
scoring_system epss
scoring_elements 0.82943
published_at 2026-04-07T12:55:00Z
8
value 0.01847
scoring_system epss
scoring_elements 0.82968
published_at 2026-04-08T12:55:00Z
9
value 0.01847
scoring_system epss
scoring_elements 0.82975
published_at 2026-04-09T12:55:00Z
10
value 0.01847
scoring_system epss
scoring_elements 0.82991
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-5392
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1293709
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1293709
2
reference_url https://www.mozilla.org/security/advisories/mfsa2017-01/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-01/
3
reference_url http://www.securityfocus.com/bid/95763
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/95763
4
reference_url http://www.securitytracker.com/id/1037693
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037693
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-5392
reference_id CVE-2017-5392
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2017-5392
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
reference_id mfsa2017-01
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2017-5392
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rwu8-zz41-1kav
191
url VCID-s3kc-mhdz-nkeh
vulnerability_id VCID-s3kc-mhdz-nkeh
summary Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25743.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25743.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-25743
reference_id
reference_type
scores
0
value 0.00084
scoring_system epss
scoring_elements 0.2464
published_at 2026-04-02T12:55:00Z
1
value 0.00084
scoring_system epss
scoring_elements 0.24463
published_at 2026-04-21T12:55:00Z
2
value 0.00084
scoring_system epss
scoring_elements 0.24534
published_at 2026-04-12T12:55:00Z
3
value 0.00084
scoring_system epss
scoring_elements 0.2448
published_at 2026-04-13T12:55:00Z
4
value 0.00084
scoring_system epss
scoring_elements 0.24494
published_at 2026-04-16T12:55:00Z
5
value 0.00084
scoring_system epss
scoring_elements 0.24488
published_at 2026-04-18T12:55:00Z
6
value 0.00084
scoring_system epss
scoring_elements 0.24677
published_at 2026-04-04T12:55:00Z
7
value 0.00084
scoring_system epss
scoring_elements 0.2445
published_at 2026-04-07T12:55:00Z
8
value 0.00084
scoring_system epss
scoring_elements 0.24518
published_at 2026-04-08T12:55:00Z
9
value 0.00084
scoring_system epss
scoring_elements 0.24562
published_at 2026-04-09T12:55:00Z
10
value 0.00084
scoring_system epss
scoring_elements 0.24578
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-25743
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2170376
reference_id 2170376
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2170376
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-05
reference_id mfsa2023-05
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-05
4
reference_url https://www.mozilla.org/security/advisories/mfsa2023-05/
reference_id mfsa2023-05
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:12:53Z/
url https://www.mozilla.org/security/advisories/mfsa2023-05/
5
reference_url https://www.mozilla.org/security/advisories/mfsa2023-06/
reference_id mfsa2023-06
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:12:53Z/
url https://www.mozilla.org/security/advisories/mfsa2023-06/
6
reference_url https://access.redhat.com/errata/RHSA-2023:0805
reference_id RHSA-2023:0805
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0805
7
reference_url https://access.redhat.com/errata/RHSA-2023:0806
reference_id RHSA-2023:0806
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0806
8
reference_url https://access.redhat.com/errata/RHSA-2023:0807
reference_id RHSA-2023:0807
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0807
9
reference_url https://access.redhat.com/errata/RHSA-2023:0808
reference_id RHSA-2023:0808
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0808
10
reference_url https://access.redhat.com/errata/RHSA-2023:0809
reference_id RHSA-2023:0809
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0809
11
reference_url https://access.redhat.com/errata/RHSA-2023:0810
reference_id RHSA-2023:0810
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0810
12
reference_url https://access.redhat.com/errata/RHSA-2023:0811
reference_id RHSA-2023:0811
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0811
13
reference_url https://access.redhat.com/errata/RHSA-2023:0812
reference_id RHSA-2023:0812
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0812
14
reference_url https://access.redhat.com/errata/RHSA-2023:0817
reference_id RHSA-2023:0817
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0817
15
reference_url https://access.redhat.com/errata/RHSA-2023:0818
reference_id RHSA-2023:0818
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0818
16
reference_url https://access.redhat.com/errata/RHSA-2023:0819
reference_id RHSA-2023:0819
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0819
17
reference_url https://access.redhat.com/errata/RHSA-2023:0820
reference_id RHSA-2023:0820
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0820
18
reference_url https://access.redhat.com/errata/RHSA-2023:0821
reference_id RHSA-2023:0821
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0821
19
reference_url https://access.redhat.com/errata/RHSA-2023:0822
reference_id RHSA-2023:0822
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0822
20
reference_url https://access.redhat.com/errata/RHSA-2023:0823
reference_id RHSA-2023:0823
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0823
21
reference_url https://access.redhat.com/errata/RHSA-2023:0824
reference_id RHSA-2023:0824
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0824
22
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1800203
reference_id show_bug.cgi?id=1800203
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:12:53Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1800203
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2023-25743
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s3kc-mhdz-nkeh
192
url VCID-s7rc-xagh-w3av
vulnerability_id VCID-s7rc-xagh-w3av
summary Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could result in arbitrary code execution.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-28159
reference_id
reference_type
scores
0
value 0.00168
scoring_system epss
scoring_elements 0.37913
published_at 2026-04-21T12:55:00Z
1
value 0.00168
scoring_system epss
scoring_elements 0.38028
published_at 2026-04-02T12:55:00Z
2
value 0.00168
scoring_system epss
scoring_elements 0.38011
published_at 2026-04-11T12:55:00Z
3
value 0.00168
scoring_system epss
scoring_elements 0.37974
published_at 2026-04-12T12:55:00Z
4
value 0.00168
scoring_system epss
scoring_elements 0.3795
published_at 2026-04-13T12:55:00Z
5
value 0.00168
scoring_system epss
scoring_elements 0.37995
published_at 2026-04-16T12:55:00Z
6
value 0.00168
scoring_system epss
scoring_elements 0.37975
published_at 2026-04-18T12:55:00Z
7
value 0.00168
scoring_system epss
scoring_elements 0.38054
published_at 2026-04-04T12:55:00Z
8
value 0.00168
scoring_system epss
scoring_elements 0.37933
published_at 2026-04-07T12:55:00Z
9
value 0.00168
scoring_system epss
scoring_elements 0.37983
published_at 2026-04-08T12:55:00Z
10
value 0.00168
scoring_system epss
scoring_elements 0.37994
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-28159
1
reference_url https://security.gentoo.org/glsa/202305-35
reference_id GLSA-202305-35
reference_type
scores
url https://security.gentoo.org/glsa/202305-35
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-09
reference_id mfsa2023-09
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-09
3
reference_url https://www.mozilla.org/security/advisories/mfsa2023-09/
reference_id mfsa2023-09
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:42:14Z/
url https://www.mozilla.org/security/advisories/mfsa2023-09/
4
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1783561
reference_id show_bug.cgi?id=1783561
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:42:14Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1783561
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2023-28159
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s7rc-xagh-w3av
193
url VCID-s9ss-vz54-j3ha
vulnerability_id VCID-s9ss-vz54-j3ha
summary 
Address bar search suggestions in private browsing mode were re-using session data from normal mode.
*This bug only affects Firefox for Android. Other operating systems are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-29963
reference_id
reference_type
scores
0
value 0.00143
scoring_system epss
scoring_elements 0.34599
published_at 2026-04-21T12:55:00Z
1
value 0.00143
scoring_system epss
scoring_elements 0.3448
published_at 2026-04-01T12:55:00Z
2
value 0.00143
scoring_system epss
scoring_elements 0.34652
published_at 2026-04-16T12:55:00Z
3
value 0.00143
scoring_system epss
scoring_elements 0.34639
published_at 2026-04-18T12:55:00Z
4
value 0.00143
scoring_system epss
scoring_elements 0.34698
published_at 2026-04-02T12:55:00Z
5
value 0.00143
scoring_system epss
scoring_elements 0.34724
published_at 2026-04-04T12:55:00Z
6
value 0.00143
scoring_system epss
scoring_elements 0.34602
published_at 2026-04-07T12:55:00Z
7
value 0.00143
scoring_system epss
scoring_elements 0.34645
published_at 2026-04-08T12:55:00Z
8
value 0.00143
scoring_system epss
scoring_elements 0.34674
published_at 2026-04-09T12:55:00Z
9
value 0.00143
scoring_system epss
scoring_elements 0.34678
published_at 2026-04-11T12:55:00Z
10
value 0.00143
scoring_system epss
scoring_elements 0.34638
published_at 2026-04-12T12:55:00Z
11
value 0.00143
scoring_system epss
scoring_elements 0.34615
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-29963
1
reference_url https://security.archlinux.org/AVG-2019
reference_id AVG-2019
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2019
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-23
reference_id mfsa2021-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-23
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2021-29963
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s9ss-vz54-j3ha
194
url VCID-sbyn-4c25-h7gz
vulnerability_id VCID-sbyn-4c25-h7gz
summary 
Firefox for Android would become unstable and hard-to-recover when a website opened too many popups.
*This bug only affects Firefox for Android. Other operating systems are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-29962
reference_id
reference_type
scores
0
value 0.00399
scoring_system epss
scoring_elements 0.60659
published_at 2026-04-21T12:55:00Z
1
value 0.00399
scoring_system epss
scoring_elements 0.605
published_at 2026-04-01T12:55:00Z
2
value 0.00399
scoring_system epss
scoring_elements 0.60667
published_at 2026-04-16T12:55:00Z
3
value 0.00399
scoring_system epss
scoring_elements 0.60673
published_at 2026-04-18T12:55:00Z
4
value 0.00399
scoring_system epss
scoring_elements 0.60574
published_at 2026-04-02T12:55:00Z
5
value 0.00399
scoring_system epss
scoring_elements 0.60602
published_at 2026-04-04T12:55:00Z
6
value 0.00399
scoring_system epss
scoring_elements 0.60571
published_at 2026-04-07T12:55:00Z
7
value 0.00399
scoring_system epss
scoring_elements 0.6062
published_at 2026-04-08T12:55:00Z
8
value 0.00399
scoring_system epss
scoring_elements 0.60636
published_at 2026-04-09T12:55:00Z
9
value 0.00399
scoring_system epss
scoring_elements 0.6066
published_at 2026-04-11T12:55:00Z
10
value 0.00399
scoring_system epss
scoring_elements 0.60645
published_at 2026-04-12T12:55:00Z
11
value 0.00399
scoring_system epss
scoring_elements 0.60625
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-29962
1
reference_url https://security.archlinux.org/AVG-2019
reference_id AVG-2019
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2019
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-23
reference_id mfsa2021-23
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-23
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2021-29962
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sbyn-4c25-h7gz
195
url VCID-scws-6fhd-3fg7
vulnerability_id VCID-scws-6fhd-3fg7
summary Spoofing issue in the WebAuthn component in Firefox for Android. This vulnerability affects Firefox < 143 and Thunderbird < 143.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10530.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10530.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-10530
reference_id
reference_type
scores
0
value 0.00038
scoring_system epss
scoring_elements 0.1137
published_at 2026-04-11T12:55:00Z
1
value 0.00038
scoring_system epss
scoring_elements 0.11438
published_at 2026-04-04T12:55:00Z
2
value 0.00038
scoring_system epss
scoring_elements 0.11364
published_at 2026-04-09T12:55:00Z
3
value 0.00038
scoring_system epss
scoring_elements 0.1131
published_at 2026-04-08T12:55:00Z
4
value 0.00038
scoring_system epss
scoring_elements 0.11229
published_at 2026-04-07T12:55:00Z
5
value 0.00038
scoring_system epss
scoring_elements 0.11382
published_at 2026-04-02T12:55:00Z
6
value 0.0004
scoring_system epss
scoring_elements 0.123
published_at 2026-04-21T12:55:00Z
7
value 0.0004
scoring_system epss
scoring_elements 0.12332
published_at 2026-04-12T12:55:00Z
8
value 0.0004
scoring_system epss
scoring_elements 0.12294
published_at 2026-04-13T12:55:00Z
9
value 0.0004
scoring_system epss
scoring_elements 0.12192
published_at 2026-04-16T12:55:00Z
10
value 0.0004
scoring_system epss
scoring_elements 0.12195
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-10530
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2395749
reference_id 2395749
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2395749
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-73
reference_id mfsa2025-73
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-73
4
reference_url https://www.mozilla.org/security/advisories/mfsa2025-73/
reference_id mfsa2025-73
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-17T17:07:11Z/
url https://www.mozilla.org/security/advisories/mfsa2025-73/
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-77
reference_id mfsa2025-77
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-77
6
reference_url https://www.mozilla.org/security/advisories/mfsa2025-77/
reference_id mfsa2025-77
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-17T17:07:11Z/
url https://www.mozilla.org/security/advisories/mfsa2025-77/
7
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1974025
reference_id show_bug.cgi?id=1974025
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-17T17:07:11Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1974025
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2025-10530
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-scws-6fhd-3fg7
196
url VCID-sjy7-cp3x-nfh2
vulnerability_id VCID-sjy7-cp3x-nfh2
summary 
Multiple vulnerabilities have been found in Mozilla Firefox, the
    worst of which may allow execution of arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12368.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12368.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-12368
reference_id
reference_type
scores
0
value 0.01952
scoring_system epss
scoring_elements 0.83504
published_at 2026-04-21T12:55:00Z
1
value 0.01952
scoring_system epss
scoring_elements 0.83461
published_at 2026-04-09T12:55:00Z
2
value 0.01952
scoring_system epss
scoring_elements 0.83475
published_at 2026-04-11T12:55:00Z
3
value 0.01952
scoring_system epss
scoring_elements 0.83469
published_at 2026-04-12T12:55:00Z
4
value 0.01952
scoring_system epss
scoring_elements 0.83464
published_at 2026-04-13T12:55:00Z
5
value 0.01952
scoring_system epss
scoring_elements 0.835
published_at 2026-04-16T12:55:00Z
6
value 0.01952
scoring_system epss
scoring_elements 0.83502
published_at 2026-04-18T12:55:00Z
7
value 0.01952
scoring_system epss
scoring_elements 0.834
published_at 2026-04-01T12:55:00Z
8
value 0.01952
scoring_system epss
scoring_elements 0.83413
published_at 2026-04-02T12:55:00Z
9
value 0.01952
scoring_system epss
scoring_elements 0.83428
published_at 2026-04-04T12:55:00Z
10
value 0.01952
scoring_system epss
scoring_elements 0.83427
published_at 2026-04-07T12:55:00Z
11
value 0.01952
scoring_system epss
scoring_elements 0.83451
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-12368
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1595033
reference_id 1595033
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1595033
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2018-15
reference_id mfsa2018-15
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2018-15
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2018-16
reference_id mfsa2018-16
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2018-16
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2018-17
reference_id mfsa2018-17
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2018-17
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2018-18
reference_id mfsa2018-18
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2018-18
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2018-19
reference_id mfsa2018-19
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2018-19
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2018-12368
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sjy7-cp3x-nfh2
197
url VCID-snbc-j4e3-uff1
vulnerability_id VCID-snbc-j4e3-uff1
summary Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4582.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4582.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-4582
reference_id
reference_type
scores
0
value 0.00718
scoring_system epss
scoring_elements 0.72395
published_at 2026-04-02T12:55:00Z
1
value 0.00798
scoring_system epss
scoring_elements 0.74
published_at 2026-04-08T12:55:00Z
2
value 0.00798
scoring_system epss
scoring_elements 0.74036
published_at 2026-04-11T12:55:00Z
3
value 0.00798
scoring_system epss
scoring_elements 0.73995
published_at 2026-04-04T12:55:00Z
4
value 0.00798
scoring_system epss
scoring_elements 0.73966
published_at 2026-04-07T12:55:00Z
5
value 0.00798
scoring_system epss
scoring_elements 0.74014
published_at 2026-04-09T12:55:00Z
6
value 0.00798
scoring_system epss
scoring_elements 0.74051
published_at 2026-04-21T12:55:00Z
7
value 0.00798
scoring_system epss
scoring_elements 0.74059
published_at 2026-04-18T12:55:00Z
8
value 0.00798
scoring_system epss
scoring_elements 0.7405
published_at 2026-04-16T12:55:00Z
9
value 0.00798
scoring_system epss
scoring_elements 0.74011
published_at 2026-04-13T12:55:00Z
10
value 0.00798
scoring_system epss
scoring_elements 0.74018
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-4582
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2236081
reference_id 2236081
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2236081
3
reference_url https://security.gentoo.org/glsa/202402-25
reference_id GLSA-202402-25
reference_type
scores
url https://security.gentoo.org/glsa/202402-25
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-34
reference_id mfsa2023-34
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-34
5
reference_url https://www.mozilla.org/security/advisories/mfsa2023-34/
reference_id mfsa2023-34
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T20:00:26Z/
url https://www.mozilla.org/security/advisories/mfsa2023-34/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-36
reference_id mfsa2023-36
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-36
7
reference_url https://www.mozilla.org/security/advisories/mfsa2023-36/
reference_id mfsa2023-36
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T20:00:26Z/
url https://www.mozilla.org/security/advisories/mfsa2023-36/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-38
reference_id mfsa2023-38
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-38
9
reference_url https://www.mozilla.org/security/advisories/mfsa2023-38/
reference_id mfsa2023-38
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T20:00:26Z/
url https://www.mozilla.org/security/advisories/mfsa2023-38/
10
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1773874
reference_id show_bug.cgi?id=1773874
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T20:00:26Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1773874
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2023-4582
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-snbc-j4e3-uff1
198
url VCID-srf6-8n4s-uyb6
vulnerability_id VCID-srf6-8n4s-uyb6
summary The Mozilla Maintenance Service can be invoked by an unprivileged user to overwrite arbitrary files with junk data using the Mozilla Windows Updater, which runs with the Maintenance Service's privileged access. *Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7767
reference_id
reference_type
scores
0
value 0.00138
scoring_system epss
scoring_elements 0.33537
published_at 2026-04-21T12:55:00Z
1
value 0.00138
scoring_system epss
scoring_elements 0.33583
published_at 2026-04-12T12:55:00Z
2
value 0.00138
scoring_system epss
scoring_elements 0.3356
published_at 2026-04-13T12:55:00Z
3
value 0.00138
scoring_system epss
scoring_elements 0.33593
published_at 2026-04-16T12:55:00Z
4
value 0.00138
scoring_system epss
scoring_elements 0.33569
published_at 2026-04-18T12:55:00Z
5
value 0.00138
scoring_system epss
scoring_elements 0.33528
published_at 2026-04-01T12:55:00Z
6
value 0.00138
scoring_system epss
scoring_elements 0.3368
published_at 2026-04-02T12:55:00Z
7
value 0.00138
scoring_system epss
scoring_elements 0.33713
published_at 2026-04-04T12:55:00Z
8
value 0.00138
scoring_system epss
scoring_elements 0.33551
published_at 2026-04-07T12:55:00Z
9
value 0.00138
scoring_system epss
scoring_elements 0.33595
published_at 2026-04-08T12:55:00Z
10
value 0.00138
scoring_system epss
scoring_elements 0.33629
published_at 2026-04-09T12:55:00Z
11
value 0.00138
scoring_system epss
scoring_elements 0.33624
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7767
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1336964
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1336964
2
reference_url https://www.mozilla.org/security/advisories/mfsa2017-15/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-15/
3
reference_url https://www.mozilla.org/security/advisories/mfsa2017-16/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-16/
4
reference_url http://www.securityfocus.com/bid/99057
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/99057
5
reference_url http://www.securitytracker.com/id/1038689
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1038689
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-7767
reference_id CVE-2017-7767
reference_type
scores
0
value 2.1
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:N/I:P/A:N
1
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2017-7767
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-15
reference_id mfsa2017-15
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-15
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-16
reference_id mfsa2017-16
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-16
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2017-7767
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-srf6-8n4s-uyb6
199
url VCID-stk9-md62-w7b6
vulnerability_id VCID-stk9-md62-w7b6
summary Information disclosure, mitigation bypass in the Privacy component in Firefox for Android. This vulnerability affects Firefox < 143.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10535.json
reference_id
reference_type
scores
0
value 3.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10535.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-10535
reference_id
reference_type
scores
0
value 0.00041
scoring_system epss
scoring_elements 0.12575
published_at 2026-04-02T12:55:00Z
1
value 0.00041
scoring_system epss
scoring_elements 0.12617
published_at 2026-04-04T12:55:00Z
2
value 0.00041
scoring_system epss
scoring_elements 0.12557
published_at 2026-04-09T12:55:00Z
3
value 0.00041
scoring_system epss
scoring_elements 0.12506
published_at 2026-04-08T12:55:00Z
4
value 0.00041
scoring_system epss
scoring_elements 0.12426
published_at 2026-04-07T12:55:00Z
5
value 0.00041
scoring_system epss
scoring_elements 0.12527
published_at 2026-04-11T12:55:00Z
6
value 0.00044
scoring_system epss
scoring_elements 0.13449
published_at 2026-04-21T12:55:00Z
7
value 0.00044
scoring_system epss
scoring_elements 0.13513
published_at 2026-04-12T12:55:00Z
8
value 0.00044
scoring_system epss
scoring_elements 0.13467
published_at 2026-04-13T12:55:00Z
9
value 0.00044
scoring_system epss
scoring_elements 0.13379
published_at 2026-04-16T12:55:00Z
10
value 0.00044
scoring_system epss
scoring_elements 0.13378
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-10535
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2395760
reference_id 2395760
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2395760
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-73
reference_id mfsa2025-73
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-73
4
reference_url https://www.mozilla.org/security/advisories/mfsa2025-73/
reference_id mfsa2025-73
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-17T14:02:21Z/
url https://www.mozilla.org/security/advisories/mfsa2025-73/
5
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1979918
reference_id show_bug.cgi?id=1979918
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-17T14:02:21Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1979918
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2025-10535
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-stk9-md62-w7b6
200
url VCID-suv6-qrt5-wugc
vulnerability_id VCID-suv6-qrt5-wugc
summary On Android systems, Firefox can load a library from APITRACE_LIB, which is writable by all users and applications. This could allow malicious third party applications to execute a man-in-the-middle attack if a malicious code was written to that location and loaded. *Note: This issue only affects Android. Other operating systems are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-9798
reference_id
reference_type
scores
0
value 0.00194
scoring_system epss
scoring_elements 0.41279
published_at 2026-04-21T12:55:00Z
1
value 0.00194
scoring_system epss
scoring_elements 0.41256
published_at 2026-04-01T12:55:00Z
2
value 0.00194
scoring_system epss
scoring_elements 0.41349
published_at 2026-04-02T12:55:00Z
3
value 0.00194
scoring_system epss
scoring_elements 0.41377
published_at 2026-04-04T12:55:00Z
4
value 0.00194
scoring_system epss
scoring_elements 0.41305
published_at 2026-04-07T12:55:00Z
5
value 0.00194
scoring_system epss
scoring_elements 0.41356
published_at 2026-04-08T12:55:00Z
6
value 0.00194
scoring_system epss
scoring_elements 0.41363
published_at 2026-04-09T12:55:00Z
7
value 0.00194
scoring_system epss
scoring_elements 0.41384
published_at 2026-04-11T12:55:00Z
8
value 0.00194
scoring_system epss
scoring_elements 0.41352
published_at 2026-04-12T12:55:00Z
9
value 0.00194
scoring_system epss
scoring_elements 0.41339
published_at 2026-04-13T12:55:00Z
10
value 0.00194
scoring_system epss
scoring_elements 0.41382
published_at 2026-04-16T12:55:00Z
11
value 0.00194
scoring_system epss
scoring_elements 0.41353
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-9798
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-07
reference_id mfsa2019-07
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-07
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2019-9798
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-suv6-qrt5-wugc
201
url VCID-sx7g-4pjb-r7ac
vulnerability_id VCID-sx7g-4pjb-r7ac
summary If Firefox was installed to a world-writable directory, a local privilege escalation could occur when Firefox searched the current directory for system libraries. However the install directory is not world-writable by default.*This bug only affects Firefox for Windows in a non-default installation. Other operating systems are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-22736
reference_id
reference_type
scores
0
value 0.00109
scoring_system epss
scoring_elements 0.2921
published_at 2026-04-21T12:55:00Z
1
value 0.00109
scoring_system epss
scoring_elements 0.29383
published_at 2026-04-02T12:55:00Z
2
value 0.00109
scoring_system epss
scoring_elements 0.29353
published_at 2026-04-11T12:55:00Z
3
value 0.00109
scoring_system epss
scoring_elements 0.29306
published_at 2026-04-12T12:55:00Z
4
value 0.00109
scoring_system epss
scoring_elements 0.29254
published_at 2026-04-13T12:55:00Z
5
value 0.00109
scoring_system epss
scoring_elements 0.29279
published_at 2026-04-16T12:55:00Z
6
value 0.00109
scoring_system epss
scoring_elements 0.29255
published_at 2026-04-18T12:55:00Z
7
value 0.00109
scoring_system epss
scoring_elements 0.29432
published_at 2026-04-04T12:55:00Z
8
value 0.00109
scoring_system epss
scoring_elements 0.29245
published_at 2026-04-07T12:55:00Z
9
value 0.00109
scoring_system epss
scoring_elements 0.29309
published_at 2026-04-08T12:55:00Z
10
value 0.00109
scoring_system epss
scoring_elements 0.29349
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-22736
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-01
reference_id mfsa2022-01
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-01
2
reference_url https://www.mozilla.org/security/advisories/mfsa2022-01/
reference_id mfsa2022-01
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T15:12:07Z/
url https://www.mozilla.org/security/advisories/mfsa2022-01/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1742692
reference_id show_bug.cgi?id=1742692
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T15:12:07Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1742692
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2022-22736
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sx7g-4pjb-r7ac
202
url VCID-szte-x7pv-7ydn
vulnerability_id VCID-szte-x7pv-7ydn
summary By generally accepting and passing resource handles across processes, a compromised content process might have confused higher privileged processes to interact with handles that the unprivileged process should not have access to.*This bug only affects Firefox for Windows and MacOS. Other operating systems are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-22750
reference_id
reference_type
scores
0
value 0.00323
scoring_system epss
scoring_elements 0.55444
published_at 2026-04-16T12:55:00Z
1
value 0.00323
scoring_system epss
scoring_elements 0.55383
published_at 2026-04-02T12:55:00Z
2
value 0.00323
scoring_system epss
scoring_elements 0.55408
published_at 2026-04-13T12:55:00Z
3
value 0.00323
scoring_system epss
scoring_elements 0.55386
published_at 2026-04-07T12:55:00Z
4
value 0.00323
scoring_system epss
scoring_elements 0.55437
published_at 2026-04-09T12:55:00Z
5
value 0.00323
scoring_system epss
scoring_elements 0.55448
published_at 2026-04-18T12:55:00Z
6
value 0.00323
scoring_system epss
scoring_elements 0.55426
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-22750
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-01
reference_id mfsa2022-01
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-01
2
reference_url https://www.mozilla.org/security/advisories/mfsa2022-01/
reference_id mfsa2022-01
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:52:23Z/
url https://www.mozilla.org/security/advisories/mfsa2022-01/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1566608
reference_id show_bug.cgi?id=1566608
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:52:23Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1566608
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2022-22750
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-szte-x7pv-7ydn
203
url VCID-t1h9-93b5-73b9
vulnerability_id VCID-t1h9-93b5-73b9
summary Malicious sites can display a spoofed location bar on a subsequently loaded page when the existing location bar on the new page is scrolled out of view if navigations between pages can be timed correctly. *Note: This issue only affects Firefox for Android. Other operating systems are not affected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-5395
reference_id
reference_type
scores
0
value 0.00375
scoring_system epss
scoring_elements 0.59179
published_at 2026-04-21T12:55:00Z
1
value 0.00375
scoring_system epss
scoring_elements 0.59051
published_at 2026-04-01T12:55:00Z
2
value 0.00375
scoring_system epss
scoring_elements 0.59159
published_at 2026-04-13T12:55:00Z
3
value 0.00375
scoring_system epss
scoring_elements 0.59194
published_at 2026-04-16T12:55:00Z
4
value 0.00375
scoring_system epss
scoring_elements 0.592
published_at 2026-04-18T12:55:00Z
5
value 0.00375
scoring_system epss
scoring_elements 0.59124
published_at 2026-04-02T12:55:00Z
6
value 0.00375
scoring_system epss
scoring_elements 0.59147
published_at 2026-04-04T12:55:00Z
7
value 0.00375
scoring_system epss
scoring_elements 0.59111
published_at 2026-04-07T12:55:00Z
8
value 0.00375
scoring_system epss
scoring_elements 0.59162
published_at 2026-04-08T12:55:00Z
9
value 0.00375
scoring_system epss
scoring_elements 0.59175
published_at 2026-04-09T12:55:00Z
10
value 0.00375
scoring_system epss
scoring_elements 0.59195
published_at 2026-04-11T12:55:00Z
11
value 0.00375
scoring_system epss
scoring_elements 0.59178
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-5395
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1293463
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1293463
2
reference_url https://www.mozilla.org/security/advisories/mfsa2017-01/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-01/
3
reference_url http://www.securityfocus.com/bid/95763
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/95763
4
reference_url http://www.securitytracker.com/id/1037693
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037693
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-5395
reference_id CVE-2017-5395
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
1
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2017-5395
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
reference_id mfsa2017-01
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2017-5395
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t1h9-93b5-73b9
204
url VCID-t52g-d7e2-zkd4
vulnerability_id VCID-t52g-d7e2-zkd4
summary By attempting to connect a website using an unresponsive port, an attacker could have controlled the content of a tab while the URL bar displayed the original domain. *Note: This issue only affects Firefox for Android. Other operating systems are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-26977
reference_id
reference_type
scores
0
value 0.00384
scoring_system epss
scoring_elements 0.59678
published_at 2026-04-21T12:55:00Z
1
value 0.00384
scoring_system epss
scoring_elements 0.59538
published_at 2026-04-01T12:55:00Z
2
value 0.00384
scoring_system epss
scoring_elements 0.59686
published_at 2026-04-16T12:55:00Z
3
value 0.00384
scoring_system epss
scoring_elements 0.59694
published_at 2026-04-18T12:55:00Z
4
value 0.00384
scoring_system epss
scoring_elements 0.59611
published_at 2026-04-02T12:55:00Z
5
value 0.00384
scoring_system epss
scoring_elements 0.59636
published_at 2026-04-04T12:55:00Z
6
value 0.00384
scoring_system epss
scoring_elements 0.59605
published_at 2026-04-07T12:55:00Z
7
value 0.00384
scoring_system epss
scoring_elements 0.59656
published_at 2026-04-08T12:55:00Z
8
value 0.00384
scoring_system epss
scoring_elements 0.5967
published_at 2026-04-09T12:55:00Z
9
value 0.00384
scoring_system epss
scoring_elements 0.59689
published_at 2026-04-11T12:55:00Z
10
value 0.00384
scoring_system epss
scoring_elements 0.59672
published_at 2026-04-12T12:55:00Z
11
value 0.00384
scoring_system epss
scoring_elements 0.59653
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-26977
1
reference_url https://security.archlinux.org/AVG-1363
reference_id AVG-1363
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1363
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-54
reference_id mfsa2020-54
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-54
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2020-26977
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t52g-d7e2-zkd4
205
url VCID-t769-2t1u-57b6
vulnerability_id VCID-t769-2t1u-57b6
summary Microsoft introduced a new feature in Windows 10 known as Cloud Clipboard which, if enabled, will record data copied to the clipboard to the cloud, and make it available on other computers in certain scenarios. Applications that wish to prevent copied data from being recorded in Cloud History must use specific clipboard formats; and Firefox before versions 94 and ESR 91.3 did not implement them. This could have caused sensitive data to be recorded to a user's Microsoft account.*This bug only affects Firefox for Windows 10+ with Cloud Clipboard enabled. Other operating systems are unaffected.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38505.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38505.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-38505
reference_id
reference_type
scores
0
value 0.00354
scoring_system epss
scoring_elements 0.57727
published_at 2026-04-07T12:55:00Z
1
value 0.00354
scoring_system epss
scoring_elements 0.57782
published_at 2026-04-08T12:55:00Z
2
value 0.00354
scoring_system epss
scoring_elements 0.5776
published_at 2026-04-21T12:55:00Z
3
value 0.00354
scoring_system epss
scoring_elements 0.57757
published_at 2026-04-13T12:55:00Z
4
value 0.00354
scoring_system epss
scoring_elements 0.57778
published_at 2026-04-12T12:55:00Z
5
value 0.00354
scoring_system epss
scoring_elements 0.578
published_at 2026-04-11T12:55:00Z
6
value 0.00354
scoring_system epss
scoring_elements 0.57784
published_at 2026-04-18T12:55:00Z
7
value 0.00354
scoring_system epss
scoring_elements 0.57786
published_at 2026-04-16T12:55:00Z
8
value 0.00444
scoring_system epss
scoring_elements 0.63387
published_at 2026-04-04T12:55:00Z
9
value 0.00444
scoring_system epss
scoring_elements 0.633
published_at 2026-04-01T12:55:00Z
10
value 0.00444
scoring_system epss
scoring_elements 0.6336
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-38505
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2019623
reference_id 2019623
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2019623
4
reference_url https://security.archlinux.org/AVG-2512
reference_id AVG-2512
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2512
5
reference_url https://security.archlinux.org/AVG-2519
reference_id AVG-2519
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2519
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-48
reference_id mfsa2021-48
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-48
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-49
reference_id mfsa2021-49
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-49
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-50
reference_id mfsa2021-50
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-50
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2021-38505
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t769-2t1u-57b6
206
url VCID-t8mb-cdc3-6ydq
vulnerability_id VCID-t8mb-cdc3-6ydq
summary Due to large allocation checks in Angle for GLSL shaders being too lenient an out-of-bounds access could occur when allocating more than 8192 ints in private shader memory on mac OS.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6600.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6600.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-6600
reference_id
reference_type
scores
0
value 0.00151
scoring_system epss
scoring_elements 0.3573
published_at 2026-04-21T12:55:00Z
1
value 0.00151
scoring_system epss
scoring_elements 0.35779
published_at 2026-04-18T12:55:00Z
2
value 0.00151
scoring_system epss
scoring_elements 0.35791
published_at 2026-04-16T12:55:00Z
3
value 0.00169
scoring_system epss
scoring_elements 0.38249
published_at 2026-04-02T12:55:00Z
4
value 0.00169
scoring_system epss
scoring_elements 0.38199
published_at 2026-04-09T12:55:00Z
5
value 0.00169
scoring_system epss
scoring_elements 0.3819
published_at 2026-04-08T12:55:00Z
6
value 0.00169
scoring_system epss
scoring_elements 0.3814
published_at 2026-04-07T12:55:00Z
7
value 0.00169
scoring_system epss
scoring_elements 0.38272
published_at 2026-04-04T12:55:00Z
8
value 0.00169
scoring_system epss
scoring_elements 0.38158
published_at 2026-04-13T12:55:00Z
9
value 0.00169
scoring_system epss
scoring_elements 0.38182
published_at 2026-04-12T12:55:00Z
10
value 0.00169
scoring_system epss
scoring_elements 0.38217
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-6600
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2296635
reference_id 2296635
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2296635
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-29
reference_id mfsa2024-29
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-29
5
reference_url https://www.mozilla.org/security/advisories/mfsa2024-29/
reference_id mfsa2024-29
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-22T16:08:57Z/
url https://www.mozilla.org/security/advisories/mfsa2024-29/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-30
reference_id mfsa2024-30
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-30
7
reference_url https://www.mozilla.org/security/advisories/mfsa2024-30/
reference_id mfsa2024-30
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-22T16:08:57Z/
url https://www.mozilla.org/security/advisories/mfsa2024-30/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-31
reference_id mfsa2024-31
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-31
9
reference_url https://www.mozilla.org/security/advisories/mfsa2024-31/
reference_id mfsa2024-31
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-22T16:08:57Z/
url https://www.mozilla.org/security/advisories/mfsa2024-31/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-32
reference_id mfsa2024-32
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-32
11
reference_url https://www.mozilla.org/security/advisories/mfsa2024-32/
reference_id mfsa2024-32
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-22T16:08:57Z/
url https://www.mozilla.org/security/advisories/mfsa2024-32/
12
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1888340
reference_id show_bug.cgi?id=1888340
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-22T16:08:57Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1888340
13
reference_url https://usn.ubuntu.com/6903-1/
reference_id USN-6903-1
reference_type
scores
url https://usn.ubuntu.com/6903-1/
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2024-6600
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t8mb-cdc3-6ydq
207
url VCID-tfny-yt17-mffx
vulnerability_id VCID-tfny-yt17-mffx
summary Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4054.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4054.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-4054
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09281
published_at 2026-04-09T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09254
published_at 2026-04-12T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09242
published_at 2026-04-04T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09164
published_at 2026-04-07T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09243
published_at 2026-04-08T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09284
published_at 2026-04-11T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09195
published_at 2026-04-02T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.0927
published_at 2026-04-21T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09114
published_at 2026-04-18T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09133
published_at 2026-04-16T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.0924
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-4054
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2228366
reference_id 2228366
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2228366
3
reference_url https://security.gentoo.org/glsa/202402-25
reference_id GLSA-202402-25
reference_type
scores
url https://security.gentoo.org/glsa/202402-25
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-29
reference_id mfsa2023-29
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-29
5
reference_url https://www.mozilla.org/security/advisories/mfsa2023-29/
reference_id mfsa2023-29
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:37:04Z/
url https://www.mozilla.org/security/advisories/mfsa2023-29/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-30
reference_id mfsa2023-30
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-30
7
reference_url https://www.mozilla.org/security/advisories/mfsa2023-30/
reference_id mfsa2023-30
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:37:04Z/
url https://www.mozilla.org/security/advisories/mfsa2023-30/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-31
reference_id mfsa2023-31
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-31
9
reference_url https://www.mozilla.org/security/advisories/mfsa2023-31/
reference_id mfsa2023-31
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:37:04Z/
url https://www.mozilla.org/security/advisories/mfsa2023-31/
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-32
reference_id mfsa2023-32
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-32
11
reference_url https://www.mozilla.org/security/advisories/mfsa2023-32/
reference_id mfsa2023-32
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:37:04Z/
url https://www.mozilla.org/security/advisories/mfsa2023-32/
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-33
reference_id mfsa2023-33
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-33
13
reference_url https://www.mozilla.org/security/advisories/mfsa2023-33/
reference_id mfsa2023-33
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:37:04Z/
url https://www.mozilla.org/security/advisories/mfsa2023-33/
14
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1840777
reference_id show_bug.cgi?id=1840777
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:37:04Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1840777
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2023-4054
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tfny-yt17-mffx
208
url VCID-tjp3-ck7p-5qg3
vulnerability_id VCID-tjp3-ck7p-5qg3
summary An attacker could have leveraged the Windows Error Reporter to run arbitrary code on the system escaping the sandbox. *Note:* This issue only affected Windows operating systems. Other operating systems are unaffected.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2605.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2605.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-2605
reference_id
reference_type
scores
0
value 0.0032
scoring_system epss
scoring_elements 0.55105
published_at 2026-04-21T12:55:00Z
1
value 0.0032
scoring_system epss
scoring_elements 0.55125
published_at 2026-04-18T12:55:00Z
2
value 0.0032
scoring_system epss
scoring_elements 0.5506
published_at 2026-04-02T12:55:00Z
3
value 0.0032
scoring_system epss
scoring_elements 0.5511
published_at 2026-04-09T12:55:00Z
4
value 0.0032
scoring_system epss
scoring_elements 0.55061
published_at 2026-04-07T12:55:00Z
5
value 0.0032
scoring_system epss
scoring_elements 0.55085
published_at 2026-04-04T12:55:00Z
6
value 0.0032
scoring_system epss
scoring_elements 0.55084
published_at 2026-04-13T12:55:00Z
7
value 0.0032
scoring_system epss
scoring_elements 0.55102
published_at 2026-04-12T12:55:00Z
8
value 0.0032
scoring_system epss
scoring_elements 0.55122
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-2605
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2270659
reference_id 2270659
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2270659
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-12
reference_id mfsa2024-12
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-12
5
reference_url https://www.mozilla.org/security/advisories/mfsa2024-12/
reference_id mfsa2024-12
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-19T14:48:39Z/
url https://www.mozilla.org/security/advisories/mfsa2024-12/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-13
reference_id mfsa2024-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-13
7
reference_url https://www.mozilla.org/security/advisories/mfsa2024-13/
reference_id mfsa2024-13
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-19T14:48:39Z/
url https://www.mozilla.org/security/advisories/mfsa2024-13/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-14
reference_id mfsa2024-14
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-14
9
reference_url https://www.mozilla.org/security/advisories/mfsa2024-14/
reference_id mfsa2024-14
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-19T14:48:39Z/
url https://www.mozilla.org/security/advisories/mfsa2024-14/
10
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1872920
reference_id show_bug.cgi?id=1872920
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-19T14:48:39Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1872920
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2024-2605
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tjp3-ck7p-5qg3
209
url VCID-tnxh-tgsm-tuex
vulnerability_id VCID-tnxh-tgsm-tuex
summary A race condition could have allowed bypassing the fullscreen notification which could have lead to a fullscreen window spoof being unnoticed.*This bug only affects Firefox for Windows. Other operating systems are unaffected.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22746.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22746.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-22746
reference_id
reference_type
scores
0
value 0.0012
scoring_system epss
scoring_elements 0.30958
published_at 2026-04-21T12:55:00Z
1
value 0.0012
scoring_system epss
scoring_elements 0.30992
published_at 2026-04-18T12:55:00Z
2
value 0.0012
scoring_system epss
scoring_elements 0.31111
published_at 2026-04-02T12:55:00Z
3
value 0.0012
scoring_system epss
scoring_elements 0.31009
published_at 2026-04-16T12:55:00Z
4
value 0.0012
scoring_system epss
scoring_elements 0.30979
published_at 2026-04-13T12:55:00Z
5
value 0.0012
scoring_system epss
scoring_elements 0.31024
published_at 2026-04-12T12:55:00Z
6
value 0.0012
scoring_system epss
scoring_elements 0.31068
published_at 2026-04-11T12:55:00Z
7
value 0.0012
scoring_system epss
scoring_elements 0.31062
published_at 2026-04-09T12:55:00Z
8
value 0.0012
scoring_system epss
scoring_elements 0.31033
published_at 2026-04-08T12:55:00Z
9
value 0.0012
scoring_system epss
scoring_elements 0.31158
published_at 2026-04-04T12:55:00Z
10
value 0.0012
scoring_system epss
scoring_elements 0.30976
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-22746
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2039560
reference_id 2039560
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2039560
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-01
reference_id mfsa2022-01
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-01
4
reference_url https://www.mozilla.org/security/advisories/mfsa2022-01/
reference_id mfsa2022-01
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:59:19Z/
url https://www.mozilla.org/security/advisories/mfsa2022-01/
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-02
reference_id mfsa2022-02
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-02
6
reference_url https://www.mozilla.org/security/advisories/mfsa2022-02/
reference_id mfsa2022-02
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:59:19Z/
url https://www.mozilla.org/security/advisories/mfsa2022-02/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-03
reference_id mfsa2022-03
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-03
8
reference_url https://www.mozilla.org/security/advisories/mfsa2022-03/
reference_id mfsa2022-03
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:59:19Z/
url https://www.mozilla.org/security/advisories/mfsa2022-03/
9
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1735071
reference_id show_bug.cgi?id=1735071
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:59:19Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1735071
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2022-22746
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tnxh-tgsm-tuex
210
url VCID-tqw3-3sw6-zqd3
vulnerability_id VCID-tqw3-3sw6-zqd3
summary When the Windows DLL "webauthn.dll" was missing from the Operating System, and a malicious one was placed in a folder in the user's %PATH%, Firefox may have loaded the DLL, leading to arbitrary code execution. *Note: This issue only affects the Windows operating system; other operating systems are unaffected.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12423.json
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12423.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-12423
reference_id
reference_type
scores
0
value 0.0028
scoring_system epss
scoring_elements 0.51439
published_at 2026-04-21T12:55:00Z
1
value 0.0028
scoring_system epss
scoring_elements 0.51452
published_at 2026-04-16T12:55:00Z
2
value 0.0028
scoring_system epss
scoring_elements 0.5146
published_at 2026-04-18T12:55:00Z
3
value 0.0028
scoring_system epss
scoring_elements 0.51315
published_at 2026-04-01T12:55:00Z
4
value 0.0028
scoring_system epss
scoring_elements 0.51362
published_at 2026-04-02T12:55:00Z
5
value 0.0028
scoring_system epss
scoring_elements 0.51389
published_at 2026-04-04T12:55:00Z
6
value 0.0028
scoring_system epss
scoring_elements 0.51348
published_at 2026-04-07T12:55:00Z
7
value 0.0028
scoring_system epss
scoring_elements 0.51403
published_at 2026-04-08T12:55:00Z
8
value 0.0028
scoring_system epss
scoring_elements 0.51401
published_at 2026-04-09T12:55:00Z
9
value 0.0028
scoring_system epss
scoring_elements 0.51444
published_at 2026-04-11T12:55:00Z
10
value 0.0028
scoring_system epss
scoring_elements 0.51423
published_at 2026-04-12T12:55:00Z
11
value 0.0028
scoring_system epss
scoring_elements 0.51409
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-12423
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1872536
reference_id 1872536
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1872536
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-24
reference_id mfsa2020-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-24
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-29
reference_id mfsa2020-29
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-29
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2020-12423
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tqw3-3sw6-zqd3
211
url VCID-tsw2-ujgt-t7g2
vulnerability_id VCID-tsw2-ujgt-t7g2
summary Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could result in arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0752.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0752.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-0752
reference_id
reference_type
scores
0
value 0.00121
scoring_system epss
scoring_elements 0.31001
published_at 2026-04-21T12:55:00Z
1
value 0.00121
scoring_system epss
scoring_elements 0.31109
published_at 2026-04-11T12:55:00Z
2
value 0.00121
scoring_system epss
scoring_elements 0.31065
published_at 2026-04-12T12:55:00Z
3
value 0.00121
scoring_system epss
scoring_elements 0.3102
published_at 2026-04-13T12:55:00Z
4
value 0.00121
scoring_system epss
scoring_elements 0.31052
published_at 2026-04-16T12:55:00Z
5
value 0.00121
scoring_system epss
scoring_elements 0.31033
published_at 2026-04-18T12:55:00Z
6
value 0.00121
scoring_system epss
scoring_elements 0.31151
published_at 2026-04-02T12:55:00Z
7
value 0.00121
scoring_system epss
scoring_elements 0.31198
published_at 2026-04-04T12:55:00Z
8
value 0.00121
scoring_system epss
scoring_elements 0.31017
published_at 2026-04-07T12:55:00Z
9
value 0.00121
scoring_system epss
scoring_elements 0.31073
published_at 2026-04-08T12:55:00Z
10
value 0.00121
scoring_system epss
scoring_elements 0.31102
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-0752
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2260019
reference_id 2260019
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2260019
3
reference_url https://security.gentoo.org/glsa/202402-26
reference_id GLSA-202402-26
reference_type
scores
url https://security.gentoo.org/glsa/202402-26
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-01
reference_id mfsa2024-01
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-01
5
reference_url https://www.mozilla.org/security/advisories/mfsa2024-01/
reference_id mfsa2024-01
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-23T14:54:02Z/
url https://www.mozilla.org/security/advisories/mfsa2024-01/
6
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1866840
reference_id show_bug.cgi?id=1866840
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-23T14:54:02Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1866840
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2024-0752
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tsw2-ujgt-t7g2
212
url VCID-tuk6-1zg4-aqeb
vulnerability_id VCID-tuk6-1zg4-aqeb
summary Malicious sites can display a spoofed addressbar on a page when the existing location bar on the new page is scrolled out of view if an HTML editable page element is user selected. *Note: This attack only affects Firefox for Android. Other operating systems are not affected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-5452
reference_id
reference_type
scores
0
value 0.00369
scoring_system epss
scoring_elements 0.58789
published_at 2026-04-21T12:55:00Z
1
value 0.00369
scoring_system epss
scoring_elements 0.58661
published_at 2026-04-01T12:55:00Z
2
value 0.00369
scoring_system epss
scoring_elements 0.58811
published_at 2026-04-18T12:55:00Z
3
value 0.00369
scoring_system epss
scoring_elements 0.58773
published_at 2026-04-13T12:55:00Z
4
value 0.00369
scoring_system epss
scoring_elements 0.58806
published_at 2026-04-16T12:55:00Z
5
value 0.00369
scoring_system epss
scoring_elements 0.58744
published_at 2026-04-02T12:55:00Z
6
value 0.00369
scoring_system epss
scoring_elements 0.58765
published_at 2026-04-04T12:55:00Z
7
value 0.00369
scoring_system epss
scoring_elements 0.58733
published_at 2026-04-07T12:55:00Z
8
value 0.00369
scoring_system epss
scoring_elements 0.58786
published_at 2026-04-08T12:55:00Z
9
value 0.00369
scoring_system epss
scoring_elements 0.58793
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-5452
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1344517
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1344517
2
reference_url https://www.mozilla.org/security/advisories/mfsa2017-10/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-10/
3
reference_url http://www.securityfocus.com/bid/97940
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/97940
4
reference_url http://www.securitytracker.com/id/1038320
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1038320
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-5452
reference_id CVE-2017-5452
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
1
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2017-5452
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-10
reference_id mfsa2017-10
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-10
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2017-5452
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tuk6-1zg4-aqeb
213
url VCID-tyzw-dhhz-yqer
vulnerability_id VCID-tyzw-dhhz-yqer
summary Opening an external link to an HTTP website when Firefox iOS was previously closed and had an HTTPS tab open could in some cases result in the padlock icon showing an HTTPS indicator incorrectly
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-10004
reference_id
reference_type
scores
0
value 0.00321
scoring_system epss
scoring_elements 0.55228
published_at 2026-04-21T12:55:00Z
1
value 0.00321
scoring_system epss
scoring_elements 0.55246
published_at 2026-04-11T12:55:00Z
2
value 0.00321
scoring_system epss
scoring_elements 0.55226
published_at 2026-04-12T12:55:00Z
3
value 0.00321
scoring_system epss
scoring_elements 0.55207
published_at 2026-04-13T12:55:00Z
4
value 0.00321
scoring_system epss
scoring_elements 0.55245
published_at 2026-04-16T12:55:00Z
5
value 0.00321
scoring_system epss
scoring_elements 0.55249
published_at 2026-04-18T12:55:00Z
6
value 0.00321
scoring_system epss
scoring_elements 0.55185
published_at 2026-04-07T12:55:00Z
7
value 0.00321
scoring_system epss
scoring_elements 0.55208
published_at 2026-04-04T12:55:00Z
8
value 0.00321
scoring_system epss
scoring_elements 0.55234
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-10004
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-54
reference_id mfsa2024-54
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-54
2
reference_url https://www.mozilla.org/security/advisories/mfsa2024-54/
reference_id mfsa2024-54
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-16T19:18:14Z/
url https://www.mozilla.org/security/advisories/mfsa2024-54/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1904885
reference_id show_bug.cgi?id=1904885
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-16T19:18:14Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1904885
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2024-10004
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tyzw-dhhz-yqer
214
url VCID-u5n5-6h82-tqhw
vulnerability_id VCID-u5n5-6h82-tqhw
summary Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25734.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25734.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-25734
reference_id
reference_type
scores
0
value 0.00179
scoring_system epss
scoring_elements 0.39428
published_at 2026-04-21T12:55:00Z
1
value 0.00179
scoring_system epss
scoring_elements 0.39513
published_at 2026-04-18T12:55:00Z
2
value 0.00179
scoring_system epss
scoring_elements 0.39526
published_at 2026-04-02T12:55:00Z
3
value 0.00179
scoring_system epss
scoring_elements 0.39541
published_at 2026-04-16T12:55:00Z
4
value 0.00179
scoring_system epss
scoring_elements 0.39491
published_at 2026-04-13T12:55:00Z
5
value 0.00179
scoring_system epss
scoring_elements 0.39508
published_at 2026-04-12T12:55:00Z
6
value 0.00179
scoring_system epss
scoring_elements 0.39546
published_at 2026-04-11T12:55:00Z
7
value 0.00179
scoring_system epss
scoring_elements 0.39535
published_at 2026-04-09T12:55:00Z
8
value 0.00179
scoring_system epss
scoring_elements 0.39519
published_at 2026-04-08T12:55:00Z
9
value 0.00179
scoring_system epss
scoring_elements 0.39465
published_at 2026-04-07T12:55:00Z
10
value 0.00179
scoring_system epss
scoring_elements 0.39549
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-25734
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2170384
reference_id 2170384
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2170384
3
reference_url https://security.gentoo.org/glsa/202305-35
reference_id GLSA-202305-35
reference_type
scores
url https://security.gentoo.org/glsa/202305-35
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-05
reference_id mfsa2023-05
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-05
5
reference_url https://www.mozilla.org/security/advisories/mfsa2023-05/
reference_id mfsa2023-05
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:56Z/
url https://www.mozilla.org/security/advisories/mfsa2023-05/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-06
reference_id mfsa2023-06
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-06
7
reference_url https://www.mozilla.org/security/advisories/mfsa2023-06/
reference_id mfsa2023-06
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:56Z/
url https://www.mozilla.org/security/advisories/mfsa2023-06/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-07
reference_id mfsa2023-07
reference_type
scores
0
value low
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-07
9
reference_url https://www.mozilla.org/security/advisories/mfsa2023-07/
reference_id mfsa2023-07
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:56Z/
url https://www.mozilla.org/security/advisories/mfsa2023-07/
10
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1784451
reference_id show_bug.cgi?id=1784451
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:56Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1784451
11
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1809923
reference_id show_bug.cgi?id=1809923
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:56Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1809923
12
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1810143
reference_id show_bug.cgi?id=1810143
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:56Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1810143
13
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1812338
reference_id show_bug.cgi?id=1812338
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:56Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1812338
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2023-25734
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u5n5-6h82-tqhw
215
url VCID-ubmh-fmpu-fuff
vulnerability_id VCID-ubmh-fmpu-fuff
summary Password autofill was enabled without user interaction on insecure websites on Firefox for Android. This was corrected to require user interaction with the page before a user's password would be entered by the browser's autofill functionality.*This bug only affects Firefox for Android. Other operating systems are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-29973
reference_id
reference_type
scores
0
value 0.0034
scoring_system epss
scoring_elements 0.56769
published_at 2026-04-18T12:55:00Z
1
value 0.0034
scoring_system epss
scoring_elements 0.56625
published_at 2026-04-01T12:55:00Z
2
value 0.0034
scoring_system epss
scoring_elements 0.56762
published_at 2026-04-12T12:55:00Z
3
value 0.0034
scoring_system epss
scoring_elements 0.5674
published_at 2026-04-13T12:55:00Z
4
value 0.0034
scoring_system epss
scoring_elements 0.56721
published_at 2026-04-02T12:55:00Z
5
value 0.0034
scoring_system epss
scoring_elements 0.56742
published_at 2026-04-21T12:55:00Z
6
value 0.0034
scoring_system epss
scoring_elements 0.5672
published_at 2026-04-07T12:55:00Z
7
value 0.0034
scoring_system epss
scoring_elements 0.56771
published_at 2026-04-16T12:55:00Z
8
value 0.0034
scoring_system epss
scoring_elements 0.56776
published_at 2026-04-09T12:55:00Z
9
value 0.0034
scoring_system epss
scoring_elements 0.56784
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-29973
1
reference_url https://security.archlinux.org/AVG-2149
reference_id AVG-2149
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2149
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-28
reference_id mfsa2021-28
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-28
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2021-29973
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ubmh-fmpu-fuff
216
url VCID-umhx-zswu-kkbt
vulnerability_id VCID-umhx-zswu-kkbt
summary 
Multiple vulnerabilities have been found in Mozilla Firefox and
    Thunderbird the worst of which could lead to the execution of arbitrary
    code.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5293
reference_id
reference_type
scores
0
value 0.00071
scoring_system epss
scoring_elements 0.21786
published_at 2026-04-21T12:55:00Z
1
value 0.00071
scoring_system epss
scoring_elements 0.2187
published_at 2026-04-12T12:55:00Z
2
value 0.00071
scoring_system epss
scoring_elements 0.21813
published_at 2026-04-13T12:55:00Z
3
value 0.00071
scoring_system epss
scoring_elements 0.21816
published_at 2026-04-16T12:55:00Z
4
value 0.00071
scoring_system epss
scoring_elements 0.21822
published_at 2026-04-18T12:55:00Z
5
value 0.00071
scoring_system epss
scoring_elements 0.21782
published_at 2026-04-01T12:55:00Z
6
value 0.00071
scoring_system epss
scoring_elements 0.21947
published_at 2026-04-02T12:55:00Z
7
value 0.00071
scoring_system epss
scoring_elements 0.22001
published_at 2026-04-04T12:55:00Z
8
value 0.00071
scoring_system epss
scoring_elements 0.21766
published_at 2026-04-07T12:55:00Z
9
value 0.00071
scoring_system epss
scoring_elements 0.21843
published_at 2026-04-08T12:55:00Z
10
value 0.00071
scoring_system epss
scoring_elements 0.21899
published_at 2026-04-09T12:55:00Z
11
value 0.00071
scoring_system epss
scoring_elements 0.21911
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5293
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1246945
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1246945
2
reference_url https://www.mozilla.org/security/advisories/mfsa2016-89/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-89/
3
reference_url https://www.mozilla.org/security/advisories/mfsa2016-90/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-90/
4
reference_url http://www.securityfocus.com/bid/94336
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94336
5
reference_url http://www.securitytracker.com/id/1037298
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037298
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-5293
reference_id CVE-2016-5293
reference_type
scores
0
value 2.1
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:N/I:P/A:N
1
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2016-5293
10
reference_url https://security.gentoo.org/glsa/201701-15
reference_id GLSA-201701-15
reference_type
scores
url https://security.gentoo.org/glsa/201701-15
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-89
reference_id mfsa2016-89
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-89
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-90
reference_id mfsa2016-90
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-90
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2016-5293
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-umhx-zswu-kkbt
217
url VCID-umpr-e6yd-nqcd
vulnerability_id VCID-umpr-e6yd-nqcd
summary A previously installed malicious Android application with same signature-level permissions as Firefox can intercept AuthTokens meant for Firefox only. *Note: This issue only affects Firefox for Android. Other versions and operating systems are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5299
reference_id
reference_type
scores
0
value 0.00822
scoring_system epss
scoring_elements 0.74455
published_at 2026-04-21T12:55:00Z
1
value 0.00822
scoring_system epss
scoring_elements 0.74371
published_at 2026-04-01T12:55:00Z
2
value 0.00822
scoring_system epss
scoring_elements 0.74419
published_at 2026-04-13T12:55:00Z
3
value 0.00822
scoring_system epss
scoring_elements 0.74456
published_at 2026-04-16T12:55:00Z
4
value 0.00822
scoring_system epss
scoring_elements 0.74464
published_at 2026-04-18T12:55:00Z
5
value 0.00822
scoring_system epss
scoring_elements 0.74375
published_at 2026-04-02T12:55:00Z
6
value 0.00822
scoring_system epss
scoring_elements 0.74402
published_at 2026-04-04T12:55:00Z
7
value 0.00822
scoring_system epss
scoring_elements 0.74377
published_at 2026-04-07T12:55:00Z
8
value 0.00822
scoring_system epss
scoring_elements 0.74409
published_at 2026-04-08T12:55:00Z
9
value 0.00822
scoring_system epss
scoring_elements 0.74426
published_at 2026-04-09T12:55:00Z
10
value 0.00822
scoring_system epss
scoring_elements 0.74447
published_at 2026-04-11T12:55:00Z
11
value 0.00822
scoring_system epss
scoring_elements 0.74427
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5299
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1245791
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1245791
2
reference_url https://www.mozilla.org/security/advisories/mfsa2016-89/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-89/
3
reference_url http://www.securityfocus.com/bid/94337
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94337
4
reference_url http://www.securitytracker.com/id/1037298
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037298
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-5299
reference_id CVE-2016-5299
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2016-5299
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-89
reference_id mfsa2016-89
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-89
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2016-5299
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-umpr-e6yd-nqcd
218
url VCID-up2q-hqdu-u3a7
vulnerability_id VCID-up2q-hqdu-u3a7
summary Different techniques existed to obscure the fullscreen notification in Firefox and Focus for Android. These could have led to potential user confusion and spoofing attacks.*This bug only affects Firefox and Focus for Android. Other versions of Firefox are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-29534
reference_id
reference_type
scores
0
value 0.00497
scoring_system epss
scoring_elements 0.65873
published_at 2026-04-12T12:55:00Z
1
value 0.00497
scoring_system epss
scoring_elements 0.65808
published_at 2026-04-02T12:55:00Z
2
value 0.00497
scoring_system epss
scoring_elements 0.65843
published_at 2026-04-13T12:55:00Z
3
value 0.00497
scoring_system epss
scoring_elements 0.65838
published_at 2026-04-04T12:55:00Z
4
value 0.00497
scoring_system epss
scoring_elements 0.65803
published_at 2026-04-07T12:55:00Z
5
value 0.00497
scoring_system epss
scoring_elements 0.65856
published_at 2026-04-08T12:55:00Z
6
value 0.00497
scoring_system epss
scoring_elements 0.65867
published_at 2026-04-09T12:55:00Z
7
value 0.00497
scoring_system epss
scoring_elements 0.65886
published_at 2026-04-11T12:55:00Z
8
value 0.0053
scoring_system epss
scoring_elements 0.67264
published_at 2026-04-16T12:55:00Z
9
value 0.0053
scoring_system epss
scoring_elements 0.67257
published_at 2026-04-21T12:55:00Z
10
value 0.0053
scoring_system epss
scoring_elements 0.67277
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-29534
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-13
reference_id mfsa2023-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-13
2
reference_url https://www.mozilla.org/security/advisories/mfsa2023-13/
reference_id mfsa2023-13
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-11T16:02:37Z/
url https://www.mozilla.org/security/advisories/mfsa2023-13/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1816007
reference_id show_bug.cgi?id=1816007
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-11T16:02:37Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1816007
4
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1816059
reference_id show_bug.cgi?id=1816059
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-11T16:02:37Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1816059
5
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1821155
reference_id show_bug.cgi?id=1821155
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-11T16:02:37Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1821155
6
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1821576
reference_id show_bug.cgi?id=1821576
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-11T16:02:37Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1821576
7
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1821906
reference_id show_bug.cgi?id=1821906
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-11T16:02:37Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1821906
8
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1822298
reference_id show_bug.cgi?id=1822298
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-11T16:02:37Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1822298
9
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1822305
reference_id show_bug.cgi?id=1822305
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-11T16:02:37Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1822305
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2023-29534
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-up2q-hqdu-u3a7
219
url VCID-urpr-qse2-7kcf
vulnerability_id VCID-urpr-qse2-7kcf
summary Searching for a single word from the address bar caused an mDNS request to be sent on the local network searching for a hostname consisting of that string; resulting in an information leak.*Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26966.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26966.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-26966
reference_id
reference_type
scores
0
value 0.00444
scoring_system epss
scoring_elements 0.63407
published_at 2026-04-21T12:55:00Z
1
value 0.00444
scoring_system epss
scoring_elements 0.63439
published_at 2026-04-11T12:55:00Z
2
value 0.00444
scoring_system epss
scoring_elements 0.63386
published_at 2026-04-13T12:55:00Z
3
value 0.00444
scoring_system epss
scoring_elements 0.63421
published_at 2026-04-16T12:55:00Z
4
value 0.00444
scoring_system epss
scoring_elements 0.63428
published_at 2026-04-18T12:55:00Z
5
value 0.00444
scoring_system epss
scoring_elements 0.633
published_at 2026-04-01T12:55:00Z
6
value 0.00444
scoring_system epss
scoring_elements 0.6336
published_at 2026-04-02T12:55:00Z
7
value 0.00444
scoring_system epss
scoring_elements 0.63387
published_at 2026-04-04T12:55:00Z
8
value 0.00444
scoring_system epss
scoring_elements 0.63352
published_at 2026-04-07T12:55:00Z
9
value 0.00444
scoring_system epss
scoring_elements 0.63404
published_at 2026-04-08T12:55:00Z
10
value 0.00444
scoring_system epss
scoring_elements 0.63422
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-26966
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1898740
reference_id 1898740
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1898740
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-50
reference_id mfsa2020-50
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-50
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-51
reference_id mfsa2020-51
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-51
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-52
reference_id mfsa2020-52
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-52
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2020-26966
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-urpr-qse2-7kcf
220
url VCID-usy5-jp7x-f7cv
vulnerability_id VCID-usy5-jp7x-f7cv
summary Heap buffer overflow in the Audio/Video: Playback component in Firefox for Android. This vulnerability affects Firefox < 148.0.2.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-3845
reference_id
reference_type
scores
0
value 0.00042
scoring_system epss
scoring_elements 0.13086
published_at 2026-04-04T12:55:00Z
1
value 0.00042
scoring_system epss
scoring_elements 0.13033
published_at 2026-04-02T12:55:00Z
2
value 0.00042
scoring_system epss
scoring_elements 0.13015
published_at 2026-04-09T12:55:00Z
3
value 0.00042
scoring_system epss
scoring_elements 0.12964
published_at 2026-04-08T12:55:00Z
4
value 0.00042
scoring_system epss
scoring_elements 0.12886
published_at 2026-04-07T12:55:00Z
5
value 0.00046
scoring_system epss
scoring_elements 0.14123
published_at 2026-04-21T12:55:00Z
6
value 0.00046
scoring_system epss
scoring_elements 0.14252
published_at 2026-04-11T12:55:00Z
7
value 0.00046
scoring_system epss
scoring_elements 0.14213
published_at 2026-04-12T12:55:00Z
8
value 0.00046
scoring_system epss
scoring_elements 0.14157
published_at 2026-04-13T12:55:00Z
9
value 0.00046
scoring_system epss
scoring_elements 0.14047
published_at 2026-04-16T12:55:00Z
10
value 0.00046
scoring_system epss
scoring_elements 0.14046
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-3845
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-19
reference_id mfsa2026-19
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-19
2
reference_url https://www.mozilla.org/security/advisories/mfsa2026-19/
reference_id mfsa2026-19
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-10T15:32:16Z/
url https://www.mozilla.org/security/advisories/mfsa2026-19/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=2020174
reference_id show_bug.cgi?id=2020174
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-10T15:32:16Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=2020174
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2026-3845
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-usy5-jp7x-f7cv
221
url VCID-uuc6-a3xx-6khk
vulnerability_id VCID-uuc6-a3xx-6khk
summary Firefox will accept any registered Program ID as an external protocol handler and offer to launch this local application when given a matching URL on Windows operating systems. This should only happen if the program has specifically registered itself as a "URL Handler" in the Windows registry. *Note: This issue only affects Windows operating systems. Other operating systems are unaffected.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9801.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9801.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-9801
reference_id
reference_type
scores
0
value 0.00368
scoring_system epss
scoring_elements 0.58775
published_at 2026-04-21T12:55:00Z
1
value 0.00368
scoring_system epss
scoring_elements 0.58759
published_at 2026-04-13T12:55:00Z
2
value 0.00368
scoring_system epss
scoring_elements 0.58792
published_at 2026-04-16T12:55:00Z
3
value 0.00368
scoring_system epss
scoring_elements 0.58797
published_at 2026-04-18T12:55:00Z
4
value 0.00368
scoring_system epss
scoring_elements 0.58647
published_at 2026-04-01T12:55:00Z
5
value 0.00368
scoring_system epss
scoring_elements 0.58731
published_at 2026-04-02T12:55:00Z
6
value 0.00368
scoring_system epss
scoring_elements 0.58752
published_at 2026-04-04T12:55:00Z
7
value 0.00368
scoring_system epss
scoring_elements 0.5872
published_at 2026-04-07T12:55:00Z
8
value 0.00368
scoring_system epss
scoring_elements 0.58772
published_at 2026-04-08T12:55:00Z
9
value 0.00368
scoring_system epss
scoring_elements 0.58779
published_at 2026-04-12T12:55:00Z
10
value 0.00368
scoring_system epss
scoring_elements 0.58798
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-9801
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1690682
reference_id 1690682
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1690682
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-07
reference_id mfsa2019-07
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-07
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-08
reference_id mfsa2019-08
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-08
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-11
reference_id mfsa2019-11
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-11
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2019-9801
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uuc6-a3xx-6khk
222
url VCID-uwae-2tu5-syb5
vulnerability_id VCID-uwae-2tu5-syb5
summary A specially crafted filename containing a large number of encoded newline characters could obscure the file's extension when displayed in the download dialog.*This bug only affects Thunderbird for Android. Other versions of Thunderbird are unaffected.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4086.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4086.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-4086
reference_id
reference_type
scores
0
value 0.00242
scoring_system epss
scoring_elements 0.47435
published_at 2026-04-12T12:55:00Z
1
value 0.00242
scoring_system epss
scoring_elements 0.47385
published_at 2026-04-07T12:55:00Z
2
value 0.00242
scoring_system epss
scoring_elements 0.4744
published_at 2026-04-08T12:55:00Z
3
value 0.00242
scoring_system epss
scoring_elements 0.47437
published_at 2026-04-09T12:55:00Z
4
value 0.00242
scoring_system epss
scoring_elements 0.4746
published_at 2026-04-11T12:55:00Z
5
value 0.00242
scoring_system epss
scoring_elements 0.47415
published_at 2026-04-02T12:55:00Z
6
value 0.00242
scoring_system epss
scoring_elements 0.47445
published_at 2026-04-21T12:55:00Z
7
value 0.00242
scoring_system epss
scoring_elements 0.47493
published_at 2026-04-18T12:55:00Z
8
value 0.00242
scoring_system epss
scoring_elements 0.47501
published_at 2026-04-16T12:55:00Z
9
value 0.00242
scoring_system epss
scoring_elements 0.47441
published_at 2026-04-13T12:55:00Z
10
value 0.00242
scoring_system epss
scoring_elements 0.47436
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-4086
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2362914
reference_id 2362914
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2362914
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-28
reference_id mfsa2025-28
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-28
5
reference_url https://www.mozilla.org/security/advisories/mfsa2025-28/
reference_id mfsa2025-28
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-29T15:53:35Z/
url https://www.mozilla.org/security/advisories/mfsa2025-28/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-31
reference_id mfsa2025-31
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-31
7
reference_url https://www.mozilla.org/security/advisories/mfsa2025-31/
reference_id mfsa2025-31
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-29T15:53:35Z/
url https://www.mozilla.org/security/advisories/mfsa2025-31/
8
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1945705
reference_id show_bug.cgi?id=1945705
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-29T15:53:35Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1945705
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2025-4086
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uwae-2tu5-syb5
223
url VCID-v5s1-ev2g-4ue1
vulnerability_id VCID-v5s1-ev2g-4ue1
summary When a user scans a QR Code with the QR Code Scanner feature, the user is not prompted before being navigated to the page specified in the code. This may surprise the user and potentially direct them to unwanted content.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-0953
reference_id
reference_type
scores
0
value 0.00178
scoring_system epss
scoring_elements 0.393
published_at 2026-04-21T12:55:00Z
1
value 0.00178
scoring_system epss
scoring_elements 0.39421
published_at 2026-04-11T12:55:00Z
2
value 0.00178
scoring_system epss
scoring_elements 0.39382
published_at 2026-04-12T12:55:00Z
3
value 0.00178
scoring_system epss
scoring_elements 0.39363
published_at 2026-04-13T12:55:00Z
4
value 0.00178
scoring_system epss
scoring_elements 0.39415
published_at 2026-04-16T12:55:00Z
5
value 0.00178
scoring_system epss
scoring_elements 0.39387
published_at 2026-04-18T12:55:00Z
6
value 0.00178
scoring_system epss
scoring_elements 0.39399
published_at 2026-04-02T12:55:00Z
7
value 0.00178
scoring_system epss
scoring_elements 0.39423
published_at 2026-04-04T12:55:00Z
8
value 0.00178
scoring_system epss
scoring_elements 0.39337
published_at 2026-04-07T12:55:00Z
9
value 0.00178
scoring_system epss
scoring_elements 0.39393
published_at 2026-04-08T12:55:00Z
10
value 0.00178
scoring_system epss
scoring_elements 0.3941
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-0953
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-36
reference_id mfsa2024-36
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-36
2
reference_url https://www.mozilla.org/security/advisories/mfsa2024-36/
reference_id mfsa2024-36
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-05T20:24:03Z/
url https://www.mozilla.org/security/advisories/mfsa2024-36/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1837916
reference_id show_bug.cgi?id=1837916
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-05T20:24:03Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1837916
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2024-0953
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v5s1-ev2g-4ue1
224
url VCID-v9ua-1tey-cyaa
vulnerability_id VCID-v9ua-1tey-cyaa
summary Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46875.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46875.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-46875
reference_id
reference_type
scores
0
value 0.00142
scoring_system epss
scoring_elements 0.34404
published_at 2026-04-21T12:55:00Z
1
value 0.00142
scoring_system epss
scoring_elements 0.34442
published_at 2026-04-18T12:55:00Z
2
value 0.00142
scoring_system epss
scoring_elements 0.34517
published_at 2026-04-02T12:55:00Z
3
value 0.00142
scoring_system epss
scoring_elements 0.34457
published_at 2026-04-16T12:55:00Z
4
value 0.00142
scoring_system epss
scoring_elements 0.34422
published_at 2026-04-13T12:55:00Z
5
value 0.00142
scoring_system epss
scoring_elements 0.34446
published_at 2026-04-12T12:55:00Z
6
value 0.00142
scoring_system epss
scoring_elements 0.34485
published_at 2026-04-11T12:55:00Z
7
value 0.00142
scoring_system epss
scoring_elements 0.34483
published_at 2026-04-09T12:55:00Z
8
value 0.00142
scoring_system epss
scoring_elements 0.34454
published_at 2026-04-08T12:55:00Z
9
value 0.00142
scoring_system epss
scoring_elements 0.34412
published_at 2026-04-07T12:55:00Z
10
value 0.00142
scoring_system epss
scoring_elements 0.34545
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-46875
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2153451
reference_id 2153451
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2153451
3
reference_url https://security.gentoo.org/glsa/202305-06
reference_id GLSA-202305-06
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:56:00Z/
url https://security.gentoo.org/glsa/202305-06
4
reference_url https://security.gentoo.org/glsa/202305-13
reference_id GLSA-202305-13
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:56:00Z/
url https://security.gentoo.org/glsa/202305-13
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-51
reference_id mfsa2022-51
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-51
6
reference_url https://www.mozilla.org/security/advisories/mfsa2022-51/
reference_id mfsa2022-51
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:56:00Z/
url https://www.mozilla.org/security/advisories/mfsa2022-51/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-52
reference_id mfsa2022-52
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-52
8
reference_url https://www.mozilla.org/security/advisories/mfsa2022-52/
reference_id mfsa2022-52
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:56:00Z/
url https://www.mozilla.org/security/advisories/mfsa2022-52/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-53
reference_id mfsa2022-53
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-53
10
reference_url https://www.mozilla.org/security/advisories/mfsa2022-53/
reference_id mfsa2022-53
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:56:00Z/
url https://www.mozilla.org/security/advisories/mfsa2022-53/
11
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1786188
reference_id show_bug.cgi?id=1786188
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:56:00Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1786188
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2022-46875
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v9ua-1tey-cyaa
225
url VCID-vpku-cgw2-gubt
vulnerability_id VCID-vpku-cgw2-gubt
summary Firefox Android allowed immediate interaction with permission prompts. This could be used for tapjacking.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-6605
reference_id
reference_type
scores
0
value 0.00564
scoring_system epss
scoring_elements 0.68405
published_at 2026-04-21T12:55:00Z
1
value 0.00564
scoring_system epss
scoring_elements 0.68394
published_at 2026-04-09T12:55:00Z
2
value 0.00564
scoring_system epss
scoring_elements 0.68421
published_at 2026-04-11T12:55:00Z
3
value 0.00564
scoring_system epss
scoring_elements 0.68408
published_at 2026-04-12T12:55:00Z
4
value 0.00564
scoring_system epss
scoring_elements 0.68376
published_at 2026-04-13T12:55:00Z
5
value 0.00564
scoring_system epss
scoring_elements 0.68414
published_at 2026-04-16T12:55:00Z
6
value 0.00564
scoring_system epss
scoring_elements 0.68427
published_at 2026-04-18T12:55:00Z
7
value 0.00564
scoring_system epss
scoring_elements 0.6833
published_at 2026-04-02T12:55:00Z
8
value 0.00564
scoring_system epss
scoring_elements 0.68349
published_at 2026-04-04T12:55:00Z
9
value 0.00564
scoring_system epss
scoring_elements 0.68326
published_at 2026-04-07T12:55:00Z
10
value 0.00564
scoring_system epss
scoring_elements 0.68377
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-6605
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-29
reference_id mfsa2024-29
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-29
3
reference_url https://www.mozilla.org/security/advisories/mfsa2024-29/
reference_id mfsa2024-29
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-17T14:36:12Z/
url https://www.mozilla.org/security/advisories/mfsa2024-29/
4
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1836786
reference_id show_bug.cgi?id=1836786
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-17T14:36:12Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1836786
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2024-6605
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vpku-cgw2-gubt
226
url VCID-vrps-vpn4-nkbf
vulnerability_id VCID-vrps-vpn4-nkbf
summary A hyperlink using the res: protocol can be used to open local files at a known location in Internet Explorer if a user approves execution when prompted. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-11700
reference_id
reference_type
scores
0
value 0.00383
scoring_system epss
scoring_elements 0.59661
published_at 2026-04-21T12:55:00Z
1
value 0.00383
scoring_system epss
scoring_elements 0.5952
published_at 2026-04-01T12:55:00Z
2
value 0.00383
scoring_system epss
scoring_elements 0.5967
published_at 2026-04-16T12:55:00Z
3
value 0.00383
scoring_system epss
scoring_elements 0.59678
published_at 2026-04-18T12:55:00Z
4
value 0.00383
scoring_system epss
scoring_elements 0.59593
published_at 2026-04-02T12:55:00Z
5
value 0.00383
scoring_system epss
scoring_elements 0.59618
published_at 2026-04-04T12:55:00Z
6
value 0.00383
scoring_system epss
scoring_elements 0.59588
published_at 2026-04-07T12:55:00Z
7
value 0.00383
scoring_system epss
scoring_elements 0.5964
published_at 2026-04-08T12:55:00Z
8
value 0.00383
scoring_system epss
scoring_elements 0.59653
published_at 2026-04-09T12:55:00Z
9
value 0.00383
scoring_system epss
scoring_elements 0.59673
published_at 2026-04-11T12:55:00Z
10
value 0.00383
scoring_system epss
scoring_elements 0.59656
published_at 2026-04-12T12:55:00Z
11
value 0.00383
scoring_system epss
scoring_elements 0.59637
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-11700
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-13
reference_id mfsa2019-13
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-13
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2019-11700
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vrps-vpn4-nkbf
227
url VCID-vsyy-wtk7-cbbt
vulnerability_id VCID-vsyy-wtk7-cbbt
summary Firefox for Android could get stuck in fullscreen mode and not exit it even after normal interactions that should cause it to exit. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-29983
reference_id
reference_type
scores
0
value 0.00294
scoring_system epss
scoring_elements 0.52738
published_at 2026-04-21T12:55:00Z
1
value 0.00294
scoring_system epss
scoring_elements 0.5261
published_at 2026-04-01T12:55:00Z
2
value 0.00294
scoring_system epss
scoring_elements 0.52747
published_at 2026-04-16T12:55:00Z
3
value 0.00294
scoring_system epss
scoring_elements 0.52754
published_at 2026-04-18T12:55:00Z
4
value 0.00294
scoring_system epss
scoring_elements 0.52653
published_at 2026-04-02T12:55:00Z
5
value 0.00294
scoring_system epss
scoring_elements 0.52679
published_at 2026-04-04T12:55:00Z
6
value 0.00294
scoring_system epss
scoring_elements 0.52645
published_at 2026-04-07T12:55:00Z
7
value 0.00294
scoring_system epss
scoring_elements 0.52696
published_at 2026-04-08T12:55:00Z
8
value 0.00294
scoring_system epss
scoring_elements 0.5269
published_at 2026-04-09T12:55:00Z
9
value 0.00294
scoring_system epss
scoring_elements 0.5274
published_at 2026-04-11T12:55:00Z
10
value 0.00294
scoring_system epss
scoring_elements 0.52723
published_at 2026-04-12T12:55:00Z
11
value 0.00294
scoring_system epss
scoring_elements 0.52708
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-29983
1
reference_url https://security.archlinux.org/AVG-2271
reference_id AVG-2271
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2271
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-33
reference_id mfsa2021-33
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-33
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2021-29983
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vsyy-wtk7-cbbt
228
url VCID-vun4-z8ju-gbbc
vulnerability_id VCID-vun4-z8ju-gbbc
summary If Firefox is installed to a user-writable directory, the Mozilla Maintenance Service would execute updater.exe from the install location with administrative privileges. Although the Mozilla Maintenance Service does ensure that updater.exe is signed by Mozilla, the version could have been rolled back to a previous version which would have allowed exploitation of an older bug and arbitrary code execution with system privileges.*Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15663.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15663.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-15663
reference_id
reference_type
scores
0
value 0.01674
scoring_system epss
scoring_elements 0.82182
published_at 2026-04-21T12:55:00Z
1
value 0.01674
scoring_system epss
scoring_elements 0.8213
published_at 2026-04-08T12:55:00Z
2
value 0.01674
scoring_system epss
scoring_elements 0.82137
published_at 2026-04-09T12:55:00Z
3
value 0.01674
scoring_system epss
scoring_elements 0.82156
published_at 2026-04-11T12:55:00Z
4
value 0.01674
scoring_system epss
scoring_elements 0.82147
published_at 2026-04-12T12:55:00Z
5
value 0.01674
scoring_system epss
scoring_elements 0.82141
published_at 2026-04-13T12:55:00Z
6
value 0.01674
scoring_system epss
scoring_elements 0.82179
published_at 2026-04-18T12:55:00Z
7
value 0.01674
scoring_system epss
scoring_elements 0.82074
published_at 2026-04-01T12:55:00Z
8
value 0.01674
scoring_system epss
scoring_elements 0.82086
published_at 2026-04-02T12:55:00Z
9
value 0.01674
scoring_system epss
scoring_elements 0.82107
published_at 2026-04-04T12:55:00Z
10
value 0.01674
scoring_system epss
scoring_elements 0.82103
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-15663
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1872530
reference_id 1872530
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1872530
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-36
reference_id mfsa2020-36
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-36
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-37
reference_id mfsa2020-37
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-37
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-38
reference_id mfsa2020-38
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-38
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-40
reference_id mfsa2020-40
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-40
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-41
reference_id mfsa2020-41
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-41
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2020-15663
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vun4-z8ju-gbbc
229
url VCID-vw4n-4r41-ukbp
vulnerability_id VCID-vw4n-4r41-ukbp
summary Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5727.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5727.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-5727
reference_id
reference_type
scores
0
value 0.00212
scoring_system epss
scoring_elements 0.43728
published_at 2026-04-21T12:55:00Z
1
value 0.00212
scoring_system epss
scoring_elements 0.43795
published_at 2026-04-18T12:55:00Z
2
value 0.00212
scoring_system epss
scoring_elements 0.43771
published_at 2026-04-09T12:55:00Z
3
value 0.00212
scoring_system epss
scoring_elements 0.43716
published_at 2026-04-07T12:55:00Z
4
value 0.00212
scoring_system epss
scoring_elements 0.43767
published_at 2026-04-08T12:55:00Z
5
value 0.00212
scoring_system epss
scoring_elements 0.43758
published_at 2026-04-12T12:55:00Z
6
value 0.00212
scoring_system epss
scoring_elements 0.43804
published_at 2026-04-16T12:55:00Z
7
value 0.00212
scoring_system epss
scoring_elements 0.43742
published_at 2026-04-13T12:55:00Z
8
value 0.00212
scoring_system epss
scoring_elements 0.43791
published_at 2026-04-11T12:55:00Z
9
value 0.00212
scoring_system epss
scoring_elements 0.43783
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-5727
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2245902
reference_id 2245902
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2245902
4
reference_url https://security.gentoo.org/glsa/202402-25
reference_id GLSA-202402-25
reference_type
scores
url https://security.gentoo.org/glsa/202402-25
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-45
reference_id mfsa2023-45
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-45
6
reference_url https://www.mozilla.org/security/advisories/mfsa2023-45/
reference_id mfsa2023-45
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:47:05Z/
url https://www.mozilla.org/security/advisories/mfsa2023-45/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-46
reference_id mfsa2023-46
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-46
8
reference_url https://www.mozilla.org/security/advisories/mfsa2023-46/
reference_id mfsa2023-46
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:47:05Z/
url https://www.mozilla.org/security/advisories/mfsa2023-46/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-47
reference_id mfsa2023-47
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-47
10
reference_url https://www.mozilla.org/security/advisories/mfsa2023-47/
reference_id mfsa2023-47
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:47:05Z/
url https://www.mozilla.org/security/advisories/mfsa2023-47/
11
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1847180
reference_id show_bug.cgi?id=1847180
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:47:05Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1847180
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2023-5727
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vw4n-4r41-ukbp
230
url VCID-vy64-w5qh-duhp
vulnerability_id VCID-vy64-w5qh-duhp
summary Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-22762
reference_id
reference_type
scores
0
value 0.00291
scoring_system epss
scoring_elements 0.52538
published_at 2026-04-21T12:55:00Z
1
value 0.00291
scoring_system epss
scoring_elements 0.52451
published_at 2026-04-02T12:55:00Z
2
value 0.00291
scoring_system epss
scoring_elements 0.52543
published_at 2026-04-11T12:55:00Z
3
value 0.00291
scoring_system epss
scoring_elements 0.52527
published_at 2026-04-12T12:55:00Z
4
value 0.00291
scoring_system epss
scoring_elements 0.5251
published_at 2026-04-13T12:55:00Z
5
value 0.00291
scoring_system epss
scoring_elements 0.52549
published_at 2026-04-16T12:55:00Z
6
value 0.00291
scoring_system epss
scoring_elements 0.52555
published_at 2026-04-18T12:55:00Z
7
value 0.00291
scoring_system epss
scoring_elements 0.52479
published_at 2026-04-04T12:55:00Z
8
value 0.00291
scoring_system epss
scoring_elements 0.52446
published_at 2026-04-07T12:55:00Z
9
value 0.00291
scoring_system epss
scoring_elements 0.52498
published_at 2026-04-08T12:55:00Z
10
value 0.00291
scoring_system epss
scoring_elements 0.52492
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-22762
1
reference_url https://security.gentoo.org/glsa/202202-03
reference_id GLSA-202202-03
reference_type
scores
url https://security.gentoo.org/glsa/202202-03
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-04
reference_id mfsa2022-04
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-04
3
reference_url https://www.mozilla.org/security/advisories/mfsa2022-04/
reference_id mfsa2022-04
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:31:34Z/
url https://www.mozilla.org/security/advisories/mfsa2022-04/
4
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1743931
reference_id show_bug.cgi?id=1743931
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:31:34Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1743931
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2022-22762
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vy64-w5qh-duhp
231
url VCID-vzg5-b77s-g3ft
vulnerability_id VCID-vzg5-b77s-g3ft
summary Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34478.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34478.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-34478
reference_id
reference_type
scores
0
value 0.00148
scoring_system epss
scoring_elements 0.3532
published_at 2026-04-21T12:55:00Z
1
value 0.00148
scoring_system epss
scoring_elements 0.35373
published_at 2026-04-18T12:55:00Z
2
value 0.00148
scoring_system epss
scoring_elements 0.35422
published_at 2026-04-02T12:55:00Z
3
value 0.00148
scoring_system epss
scoring_elements 0.35384
published_at 2026-04-16T12:55:00Z
4
value 0.00148
scoring_system epss
scoring_elements 0.35345
published_at 2026-04-13T12:55:00Z
5
value 0.00148
scoring_system epss
scoring_elements 0.35367
published_at 2026-04-12T12:55:00Z
6
value 0.00148
scoring_system epss
scoring_elements 0.35403
published_at 2026-04-11T12:55:00Z
7
value 0.00148
scoring_system epss
scoring_elements 0.35401
published_at 2026-04-09T12:55:00Z
8
value 0.00148
scoring_system epss
scoring_elements 0.35377
published_at 2026-04-08T12:55:00Z
9
value 0.00148
scoring_system epss
scoring_elements 0.35446
published_at 2026-04-04T12:55:00Z
10
value 0.00148
scoring_system epss
scoring_elements 0.3533
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-34478
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2102167
reference_id 2102167
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2102167
3
reference_url https://security.gentoo.org/glsa/202208-08
reference_id GLSA-202208-08
reference_type
scores
url https://security.gentoo.org/glsa/202208-08
4
reference_url https://security.gentoo.org/glsa/202208-14
reference_id GLSA-202208-14
reference_type
scores
url https://security.gentoo.org/glsa/202208-14
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-24
reference_id mfsa2022-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-24
6
reference_url https://www.mozilla.org/security/advisories/mfsa2022-24/
reference_id mfsa2022-24
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:14:23Z/
url https://www.mozilla.org/security/advisories/mfsa2022-24/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-25
reference_id mfsa2022-25
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-25
8
reference_url https://www.mozilla.org/security/advisories/mfsa2022-25/
reference_id mfsa2022-25
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:14:23Z/
url https://www.mozilla.org/security/advisories/mfsa2022-25/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-26
reference_id mfsa2022-26
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-26
10
reference_url https://www.mozilla.org/security/advisories/mfsa2022-26/
reference_id mfsa2022-26
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:14:23Z/
url https://www.mozilla.org/security/advisories/mfsa2022-26/
11
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1773717
reference_id show_bug.cgi?id=1773717
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:14:23Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1773717
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2022-34478
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vzg5-b77s-g3ft
232
url VCID-vzkp-7dsz-kbee
vulnerability_id VCID-vzkp-7dsz-kbee
summary 
Multiple vulnerabilities have been found in Mozilla Firefox and
    Thunderbird the worst of which could lead to the execution of arbitrary
    code.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2016-05/msg00038.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2810.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2810.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2810
reference_id
reference_type
scores
0
value 0.00272
scoring_system epss
scoring_elements 0.50649
published_at 2026-04-21T12:55:00Z
1
value 0.00272
scoring_system epss
scoring_elements 0.5053
published_at 2026-04-01T12:55:00Z
2
value 0.00272
scoring_system epss
scoring_elements 0.50637
published_at 2026-04-12T12:55:00Z
3
value 0.00272
scoring_system epss
scoring_elements 0.50623
published_at 2026-04-13T12:55:00Z
4
value 0.00272
scoring_system epss
scoring_elements 0.50664
published_at 2026-04-16T12:55:00Z
5
value 0.00272
scoring_system epss
scoring_elements 0.5067
published_at 2026-04-18T12:55:00Z
6
value 0.00272
scoring_system epss
scoring_elements 0.50586
published_at 2026-04-02T12:55:00Z
7
value 0.00272
scoring_system epss
scoring_elements 0.50614
published_at 2026-04-04T12:55:00Z
8
value 0.00272
scoring_system epss
scoring_elements 0.50567
published_at 2026-04-07T12:55:00Z
9
value 0.00272
scoring_system epss
scoring_elements 0.5062
published_at 2026-04-08T12:55:00Z
10
value 0.00272
scoring_system epss
scoring_elements 0.50617
published_at 2026-04-09T12:55:00Z
11
value 0.00272
scoring_system epss
scoring_elements 0.5066
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2810
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1229681
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1229681
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url http://www.mozilla.org/security/announce/2016/mfsa2016-41.html
reference_id
reference_type
scores
url http://www.mozilla.org/security/announce/2016/mfsa2016-41.html
6
reference_url http://www.securitytracker.com/id/1035692
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1035692
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1330274
reference_id 1330274
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1330274
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:*:*:*:*:*:*:*:*
reference_id cpe:2.3:o:google:android:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:*:*:*:*:*:*:*:*
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2810
reference_id CVE-2016-2810
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2810
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-2810
reference_id CVE-2016-2810
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:N/A:N
1
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2016-2810
12
reference_url https://security.gentoo.org/glsa/201701-15
reference_id GLSA-201701-15
reference_type
scores
url https://security.gentoo.org/glsa/201701-15
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-41
reference_id mfsa2016-41
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-41
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2016-2810
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vzkp-7dsz-kbee
233
url VCID-w74w-gxyf-4kg3
vulnerability_id VCID-w74w-gxyf-4kg3
summary When a download was initiated, the client did not check whether it was in normal or private browsing mode, which led to private mode cookies being shared in normal browsing mode.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-29958
reference_id
reference_type
scores
0
value 0.00186
scoring_system epss
scoring_elements 0.40391
published_at 2026-04-21T12:55:00Z
1
value 0.00186
scoring_system epss
scoring_elements 0.40389
published_at 2026-04-01T12:55:00Z
2
value 0.00186
scoring_system epss
scoring_elements 0.40476
published_at 2026-04-02T12:55:00Z
3
value 0.00186
scoring_system epss
scoring_elements 0.40502
published_at 2026-04-04T12:55:00Z
4
value 0.00186
scoring_system epss
scoring_elements 0.40425
published_at 2026-04-07T12:55:00Z
5
value 0.00186
scoring_system epss
scoring_elements 0.40475
published_at 2026-04-08T12:55:00Z
6
value 0.00186
scoring_system epss
scoring_elements 0.40486
published_at 2026-04-09T12:55:00Z
7
value 0.00186
scoring_system epss
scoring_elements 0.40507
published_at 2026-04-11T12:55:00Z
8
value 0.00186
scoring_system epss
scoring_elements 0.4047
published_at 2026-04-12T12:55:00Z
9
value 0.00186
scoring_system epss
scoring_elements 0.4045
published_at 2026-04-13T12:55:00Z
10
value 0.00186
scoring_system epss
scoring_elements 0.40498
published_at 2026-04-16T12:55:00Z
11
value 0.00186
scoring_system epss
scoring_elements 0.40466
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-29958
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-25
reference_id mfsa2021-25
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-25
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2021-29958
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w74w-gxyf-4kg3
234
url VCID-wa6g-22qn-j3g2
vulnerability_id VCID-wa6g-22qn-j3g2
summary In the address bar, Firefox for Android truncated the display of URLs from the end instead of prioritizing the origin.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-8041
reference_id
reference_type
scores
0
value 0.00036
scoring_system epss
scoring_elements 0.10719
published_at 2026-04-21T12:55:00Z
1
value 0.00036
scoring_system epss
scoring_elements 0.10699
published_at 2026-04-02T12:55:00Z
2
value 0.00036
scoring_system epss
scoring_elements 0.10771
published_at 2026-04-11T12:55:00Z
3
value 0.00036
scoring_system epss
scoring_elements 0.10739
published_at 2026-04-12T12:55:00Z
4
value 0.00036
scoring_system epss
scoring_elements 0.10715
published_at 2026-04-13T12:55:00Z
5
value 0.00036
scoring_system epss
scoring_elements 0.10579
published_at 2026-04-16T12:55:00Z
6
value 0.00036
scoring_system epss
scoring_elements 0.10593
published_at 2026-04-18T12:55:00Z
7
value 0.00036
scoring_system epss
scoring_elements 0.10763
published_at 2026-04-04T12:55:00Z
8
value 0.00036
scoring_system epss
scoring_elements 0.10624
published_at 2026-04-07T12:55:00Z
9
value 0.00036
scoring_system epss
scoring_elements 0.107
published_at 2026-04-08T12:55:00Z
10
value 0.00036
scoring_system epss
scoring_elements 0.10756
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-8041
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-56
reference_id mfsa2025-56
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-56
2
reference_url https://www.mozilla.org/security/advisories/mfsa2025-56/
reference_id mfsa2025-56
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-20T14:03:49Z/
url https://www.mozilla.org/security/advisories/mfsa2025-56/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1670725
reference_id show_bug.cgi?id=1670725
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-20T14:03:49Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1670725
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2025-8041
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wa6g-22qn-j3g2
235
url VCID-waz9-711c-u3a6
vulnerability_id VCID-waz9-711c-u3a6
summary Opening Javascript links in a new tab via long-press in the Firefox iOS client could result in a malicious script spoofing the URL of the new tab.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-23108
reference_id
reference_type
scores
0
value 0.00768
scoring_system epss
scoring_elements 0.73507
published_at 2026-04-11T12:55:00Z
1
value 0.00768
scoring_system epss
scoring_elements 0.73438
published_at 2026-04-02T12:55:00Z
2
value 0.00768
scoring_system epss
scoring_elements 0.73531
published_at 2026-04-18T12:55:00Z
3
value 0.00768
scoring_system epss
scoring_elements 0.73522
published_at 2026-04-16T12:55:00Z
4
value 0.00768
scoring_system epss
scoring_elements 0.7348
published_at 2026-04-13T12:55:00Z
5
value 0.00768
scoring_system epss
scoring_elements 0.73487
published_at 2026-04-12T12:55:00Z
6
value 0.00768
scoring_system epss
scoring_elements 0.7346
published_at 2026-04-04T12:55:00Z
7
value 0.00768
scoring_system epss
scoring_elements 0.73433
published_at 2026-04-07T12:55:00Z
8
value 0.00768
scoring_system epss
scoring_elements 0.7347
published_at 2026-04-08T12:55:00Z
9
value 0.00768
scoring_system epss
scoring_elements 0.73483
published_at 2026-04-09T12:55:00Z
10
value 0.00987
scoring_system epss
scoring_elements 0.76881
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-23108
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-06
reference_id mfsa2025-06
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-06
2
reference_url https://www.mozilla.org/security/advisories/mfsa2025-06/
reference_id mfsa2025-06
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-13T17:44:14Z/
url https://www.mozilla.org/security/advisories/mfsa2025-06/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1933172
reference_id show_bug.cgi?id=1933172
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-13T17:44:14Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1933172
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2025-23108
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-waz9-711c-u3a6
236
url VCID-wfkr-weku-fudt
vulnerability_id VCID-wfkr-weku-fudt
summary Logging-related command line parameters are not properly sanitized when Firefox is launched by another program, such as when a user clicks on malicious links in a chat application. This can be used to write a log file to an arbitrary location such as the Windows 'Startup' folder. *Note: this issue only affects Firefox on Windows operating systems.*
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11751.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11751.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-11751
reference_id
reference_type
scores
0
value 0.00501
scoring_system epss
scoring_elements 0.6602
published_at 2026-04-21T12:55:00Z
1
value 0.00501
scoring_system epss
scoring_elements 0.66027
published_at 2026-04-11T12:55:00Z
2
value 0.00501
scoring_system epss
scoring_elements 0.66014
published_at 2026-04-12T12:55:00Z
3
value 0.00501
scoring_system epss
scoring_elements 0.65984
published_at 2026-04-13T12:55:00Z
4
value 0.00501
scoring_system epss
scoring_elements 0.66019
published_at 2026-04-16T12:55:00Z
5
value 0.00501
scoring_system epss
scoring_elements 0.66033
published_at 2026-04-18T12:55:00Z
6
value 0.00501
scoring_system epss
scoring_elements 0.65908
published_at 2026-04-01T12:55:00Z
7
value 0.00501
scoring_system epss
scoring_elements 0.65949
published_at 2026-04-02T12:55:00Z
8
value 0.00501
scoring_system epss
scoring_elements 0.65979
published_at 2026-04-04T12:55:00Z
9
value 0.00501
scoring_system epss
scoring_elements 0.65945
published_at 2026-04-07T12:55:00Z
10
value 0.00501
scoring_system epss
scoring_elements 0.65996
published_at 2026-04-08T12:55:00Z
11
value 0.00501
scoring_system epss
scoring_elements 0.66008
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-11751
4
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1572838
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1572838
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://www.mozilla.org/security/advisories/mfsa2019-25/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2019-25/
7
reference_url https://www.mozilla.org/security/advisories/mfsa2019-26/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2019-26/
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1748668
reference_id 1748668
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1748668
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-11751
reference_id CVE-2019-11751
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2019-11751
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-25
reference_id mfsa2019-25
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-25
14
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-26
reference_id mfsa2019-26
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-26
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2019-11751
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wfkr-weku-fudt
237
url VCID-wfqy-u76t-ybgb
vulnerability_id VCID-wfqy-u76t-ybgb
summary 
Following the recent Chrome sandbox escape (CVE-2025-2783), various Firefox
developers identified a similar pattern in our IPC code. A compromised child
process could cause the parent process to return an unintentionally
powerful handle, leading to a sandbox escape.
The original vulnerability was being exploited in the wild.
*This only affects Firefox on Windows. Other operating systems are unaffected.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-2857.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-2857.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-2857
reference_id
reference_type
scores
0
value 0.00123
scoring_system epss
scoring_elements 0.31506
published_at 2026-04-21T12:55:00Z
1
value 0.00123
scoring_system epss
scoring_elements 0.31657
published_at 2026-04-02T12:55:00Z
2
value 0.00123
scoring_system epss
scoring_elements 0.31701
published_at 2026-04-04T12:55:00Z
3
value 0.00123
scoring_system epss
scoring_elements 0.31519
published_at 2026-04-07T12:55:00Z
4
value 0.00123
scoring_system epss
scoring_elements 0.31571
published_at 2026-04-08T12:55:00Z
5
value 0.00123
scoring_system epss
scoring_elements 0.31601
published_at 2026-04-09T12:55:00Z
6
value 0.00123
scoring_system epss
scoring_elements 0.31606
published_at 2026-04-11T12:55:00Z
7
value 0.00123
scoring_system epss
scoring_elements 0.31564
published_at 2026-04-12T12:55:00Z
8
value 0.00123
scoring_system epss
scoring_elements 0.31527
published_at 2026-04-13T12:55:00Z
9
value 0.00123
scoring_system epss
scoring_elements 0.31561
published_at 2026-04-16T12:55:00Z
10
value 0.00123
scoring_system epss
scoring_elements 0.31538
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-2857
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2355327
reference_id 2355327
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2355327
3
reference_url https://www.cve.org/CVERecord?id=CVE-2025-2783
reference_id CVERecord?id=CVE-2025-2783
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-28T15:23:40Z/
url https://www.cve.org/CVERecord?id=CVE-2025-2783
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-19
reference_id mfsa2025-19
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-19
5
reference_url https://www.mozilla.org/security/advisories/mfsa2025-19/
reference_id mfsa2025-19
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-28T15:23:40Z/
url https://www.mozilla.org/security/advisories/mfsa2025-19/
6
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1956398
reference_id show_bug.cgi?id=1956398
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-28T15:23:40Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1956398
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2025-2857
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wfqy-u76t-ybgb
238
url VCID-wk26-kc1d-9qcy
vulnerability_id VCID-wk26-kc1d-9qcy
summary 
Firefox could be made to load attacker-supplied DLL files from the installation directory.
This required an attacker that is already capable of placing files in the installation directory.
*Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15657.json
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15657.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-15657
reference_id
reference_type
scores
0
value 0.00199
scoring_system epss
scoring_elements 0.42035
published_at 2026-04-18T12:55:00Z
1
value 0.00199
scoring_system epss
scoring_elements 0.42037
published_at 2026-04-12T12:55:00Z
2
value 0.00199
scoring_system epss
scoring_elements 0.42013
published_at 2026-04-13T12:55:00Z
3
value 0.00199
scoring_system epss
scoring_elements 0.42062
published_at 2026-04-16T12:55:00Z
4
value 0.00199
scoring_system epss
scoring_elements 0.41965
published_at 2026-04-21T12:55:00Z
5
value 0.00199
scoring_system epss
scoring_elements 0.42026
published_at 2026-04-02T12:55:00Z
6
value 0.00199
scoring_system epss
scoring_elements 0.42055
published_at 2026-04-04T12:55:00Z
7
value 0.00199
scoring_system epss
scoring_elements 0.41992
published_at 2026-04-07T12:55:00Z
8
value 0.00199
scoring_system epss
scoring_elements 0.42042
published_at 2026-04-08T12:55:00Z
9
value 0.00199
scoring_system epss
scoring_elements 0.42054
published_at 2026-04-09T12:55:00Z
10
value 0.00199
scoring_system epss
scoring_elements 0.42076
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-15657
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1861648
reference_id 1861648
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1861648
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-30
reference_id mfsa2020-30
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-30
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-32
reference_id mfsa2020-32
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-32
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-33
reference_id mfsa2020-33
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-33
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2020-15657
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wk26-kc1d-9qcy
239
url VCID-wxt9-u43n-2qhs
vulnerability_id VCID-wxt9-u43n-2qhs
summary When accepting a malicious intent from other installed apps, Firefox for Android accepted manifests from arbitrary file paths and allowed declaring webapp manifests for other origins. This could be used to gain fullscreen access for UI spoofing and could also lead to cross-origin attacks on targeted websites.*Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-26954
reference_id
reference_type
scores
0
value 0.00284
scoring_system epss
scoring_elements 0.5184
published_at 2026-04-21T12:55:00Z
1
value 0.00284
scoring_system epss
scoring_elements 0.51707
published_at 2026-04-01T12:55:00Z
2
value 0.00284
scoring_system epss
scoring_elements 0.51756
published_at 2026-04-02T12:55:00Z
3
value 0.00284
scoring_system epss
scoring_elements 0.51782
published_at 2026-04-04T12:55:00Z
4
value 0.00284
scoring_system epss
scoring_elements 0.51742
published_at 2026-04-07T12:55:00Z
5
value 0.00284
scoring_system epss
scoring_elements 0.51797
published_at 2026-04-08T12:55:00Z
6
value 0.00284
scoring_system epss
scoring_elements 0.51794
published_at 2026-04-09T12:55:00Z
7
value 0.00284
scoring_system epss
scoring_elements 0.51845
published_at 2026-04-11T12:55:00Z
8
value 0.00284
scoring_system epss
scoring_elements 0.51824
published_at 2026-04-12T12:55:00Z
9
value 0.00284
scoring_system epss
scoring_elements 0.51809
published_at 2026-04-13T12:55:00Z
10
value 0.00284
scoring_system epss
scoring_elements 0.51852
published_at 2026-04-16T12:55:00Z
11
value 0.00284
scoring_system epss
scoring_elements 0.51859
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-26954
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-50
reference_id mfsa2020-50
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-50
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2020-26954
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wxt9-u43n-2qhs
240
url VCID-wxx1-uk1t-8khg
vulnerability_id VCID-wxx1-uk1t-8khg
summary When a URL was provided in a link querystring parameter, Firefox for Android would follow that URL instead of the correct URL, potentially leading to phishing attacks.*This bug only affects Firefox for Android. Other versions of Firefox are unaffected.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6428.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6428.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-6428
reference_id
reference_type
scores
0
value 0.00058
scoring_system epss
scoring_elements 0.18126
published_at 2026-04-09T12:55:00Z
1
value 0.00058
scoring_system epss
scoring_elements 0.18226
published_at 2026-04-02T12:55:00Z
2
value 0.00058
scoring_system epss
scoring_elements 0.18279
published_at 2026-04-04T12:55:00Z
3
value 0.00058
scoring_system epss
scoring_elements 0.1798
published_at 2026-04-07T12:55:00Z
4
value 0.00058
scoring_system epss
scoring_elements 0.18065
published_at 2026-04-08T12:55:00Z
5
value 0.00062
scoring_system epss
scoring_elements 0.19455
published_at 2026-04-12T12:55:00Z
6
value 0.00062
scoring_system epss
scoring_elements 0.19366
published_at 2026-04-18T12:55:00Z
7
value 0.00062
scoring_system epss
scoring_elements 0.19502
published_at 2026-04-11T12:55:00Z
8
value 0.00062
scoring_system epss
scoring_elements 0.19358
published_at 2026-04-16T12:55:00Z
9
value 0.00062
scoring_system epss
scoring_elements 0.19397
published_at 2026-04-13T12:55:00Z
10
value 0.00177
scoring_system epss
scoring_elements 0.3916
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-6428
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2374568
reference_id 2374568
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2374568
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-51
reference_id mfsa2025-51
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-51
5
reference_url https://www.mozilla.org/security/advisories/mfsa2025-51/
reference_id mfsa2025-51
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:20:42Z/
url https://www.mozilla.org/security/advisories/mfsa2025-51/
6
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1970151
reference_id show_bug.cgi?id=1970151
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-25T14:20:42Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1970151
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2025-6428
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wxx1-uk1t-8khg
241
url VCID-wzxk-316c-xqcg
vulnerability_id VCID-wzxk-316c-xqcg
summary When downloading files on Windows, the % character was not escaped, which could have lead to a download incorrectly being saved to attacker-influenced paths that used variables such as %HOMEPATH% or %APPDATA%.*This bug only affects Firefox for Windows. Other operating systems are unaffected.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31739.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31739.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-31739
reference_id
reference_type
scores
0
value 0.00477
scoring_system epss
scoring_elements 0.64976
published_at 2026-04-21T12:55:00Z
1
value 0.00477
scoring_system epss
scoring_elements 0.64992
published_at 2026-04-18T12:55:00Z
2
value 0.00477
scoring_system epss
scoring_elements 0.64981
published_at 2026-04-16T12:55:00Z
3
value 0.00477
scoring_system epss
scoring_elements 0.6491
published_at 2026-04-02T12:55:00Z
4
value 0.00477
scoring_system epss
scoring_elements 0.64944
published_at 2026-04-13T12:55:00Z
5
value 0.00477
scoring_system epss
scoring_elements 0.64972
published_at 2026-04-12T12:55:00Z
6
value 0.00477
scoring_system epss
scoring_elements 0.64982
published_at 2026-04-11T12:55:00Z
7
value 0.00477
scoring_system epss
scoring_elements 0.64964
published_at 2026-04-09T12:55:00Z
8
value 0.00477
scoring_system epss
scoring_elements 0.6495
published_at 2026-04-08T12:55:00Z
9
value 0.00477
scoring_system epss
scoring_elements 0.64937
published_at 2026-04-04T12:55:00Z
10
value 0.00477
scoring_system epss
scoring_elements 0.649
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-31739
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2092022
reference_id 2092022
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2092022
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-20
reference_id mfsa2022-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-20
5
reference_url https://www.mozilla.org/security/advisories/mfsa2022-20/
reference_id mfsa2022-20
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T13:52:42Z/
url https://www.mozilla.org/security/advisories/mfsa2022-20/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-21
reference_id mfsa2022-21
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-21
7
reference_url https://www.mozilla.org/security/advisories/mfsa2022-21/
reference_id mfsa2022-21
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T13:52:42Z/
url https://www.mozilla.org/security/advisories/mfsa2022-21/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-22
reference_id mfsa2022-22
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-22
9
reference_url https://www.mozilla.org/security/advisories/mfsa2022-22/
reference_id mfsa2022-22
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T13:52:42Z/
url https://www.mozilla.org/security/advisories/mfsa2022-22/
10
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1765049
reference_id show_bug.cgi?id=1765049
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T13:52:42Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1765049
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2022-31739
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wzxk-316c-xqcg
242
url VCID-x4v4-7y4q-mfbs
vulnerability_id VCID-x4v4-7y4q-mfbs
summary Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could lead to remote code execution.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-6868
reference_id
reference_type
scores
0
value 0.00128
scoring_system epss
scoring_elements 0.32131
published_at 2026-04-21T12:55:00Z
1
value 0.00128
scoring_system epss
scoring_elements 0.32275
published_at 2026-04-02T12:55:00Z
2
value 0.00128
scoring_system epss
scoring_elements 0.32312
published_at 2026-04-04T12:55:00Z
3
value 0.00128
scoring_system epss
scoring_elements 0.32136
published_at 2026-04-07T12:55:00Z
4
value 0.00128
scoring_system epss
scoring_elements 0.32186
published_at 2026-04-08T12:55:00Z
5
value 0.00128
scoring_system epss
scoring_elements 0.32213
published_at 2026-04-09T12:55:00Z
6
value 0.00128
scoring_system epss
scoring_elements 0.32215
published_at 2026-04-11T12:55:00Z
7
value 0.00128
scoring_system epss
scoring_elements 0.32177
published_at 2026-04-12T12:55:00Z
8
value 0.00128
scoring_system epss
scoring_elements 0.32144
published_at 2026-04-13T12:55:00Z
9
value 0.00128
scoring_system epss
scoring_elements 0.32178
published_at 2026-04-16T12:55:00Z
10
value 0.00128
scoring_system epss
scoring_elements 0.32157
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-6868
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-56
reference_id mfsa2023-56
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-56
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2023-6868
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x4v4-7y4q-mfbs
243
url VCID-x4zd-xhwx-hqg3
vulnerability_id VCID-x4zd-xhwx-hqg3
summary A rogue webpage could override the injected WKUserScript used by the logins autofill, this exploit could result in leaking a password for the current domain.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-15661
reference_id
reference_type
scores
0
value 0.00212
scoring_system epss
scoring_elements 0.43746
published_at 2026-04-21T12:55:00Z
1
value 0.00212
scoring_system epss
scoring_elements 0.43721
published_at 2026-04-01T12:55:00Z
2
value 0.00212
scoring_system epss
scoring_elements 0.43776
published_at 2026-04-02T12:55:00Z
3
value 0.00212
scoring_system epss
scoring_elements 0.438
published_at 2026-04-04T12:55:00Z
4
value 0.00212
scoring_system epss
scoring_elements 0.43732
published_at 2026-04-07T12:55:00Z
5
value 0.00212
scoring_system epss
scoring_elements 0.43783
published_at 2026-04-08T12:55:00Z
6
value 0.00212
scoring_system epss
scoring_elements 0.43787
published_at 2026-04-09T12:55:00Z
7
value 0.00212
scoring_system epss
scoring_elements 0.43807
published_at 2026-04-11T12:55:00Z
8
value 0.00212
scoring_system epss
scoring_elements 0.43775
published_at 2026-04-12T12:55:00Z
9
value 0.00212
scoring_system epss
scoring_elements 0.43759
published_at 2026-04-13T12:55:00Z
10
value 0.00212
scoring_system epss
scoring_elements 0.43821
published_at 2026-04-16T12:55:00Z
11
value 0.00212
scoring_system epss
scoring_elements 0.43813
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-15661
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-34
reference_id mfsa2020-34
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-34
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2020-15661
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x4zd-xhwx-hqg3
244
url VCID-x6h2-249d-nugj
vulnerability_id VCID-x6h2-249d-nugj
summary In certain scenarios a malicious website could attempt to display a fake location URL bar which could mislead users as to the actual website address
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-38313
reference_id
reference_type
scores
0
value 0.00392
scoring_system epss
scoring_elements 0.60237
published_at 2026-04-21T12:55:00Z
1
value 0.00392
scoring_system epss
scoring_elements 0.60234
published_at 2026-04-11T12:55:00Z
2
value 0.00392
scoring_system epss
scoring_elements 0.6022
published_at 2026-04-12T12:55:00Z
3
value 0.00392
scoring_system epss
scoring_elements 0.60202
published_at 2026-04-13T12:55:00Z
4
value 0.00392
scoring_system epss
scoring_elements 0.60242
published_at 2026-04-16T12:55:00Z
5
value 0.00392
scoring_system epss
scoring_elements 0.60249
published_at 2026-04-18T12:55:00Z
6
value 0.00392
scoring_system epss
scoring_elements 0.60154
published_at 2026-04-02T12:55:00Z
7
value 0.00392
scoring_system epss
scoring_elements 0.60179
published_at 2026-04-04T12:55:00Z
8
value 0.00392
scoring_system epss
scoring_elements 0.60149
published_at 2026-04-07T12:55:00Z
9
value 0.00392
scoring_system epss
scoring_elements 0.60198
published_at 2026-04-08T12:55:00Z
10
value 0.00392
scoring_system epss
scoring_elements 0.60212
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-38313
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-27
reference_id mfsa2024-27
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-27
2
reference_url https://www.mozilla.org/security/advisories/mfsa2024-27/
reference_id mfsa2024-27
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-14T16:23:38Z/
url https://www.mozilla.org/security/advisories/mfsa2024-27/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1878489
reference_id show_bug.cgi?id=1878489
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-14T16:23:38Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1878489
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2024-38313
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x6h2-249d-nugj
245
url VCID-xa7t-851a-efey
vulnerability_id VCID-xa7t-851a-efey
summary Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-22758
reference_id
reference_type
scores
0
value 0.00152
scoring_system epss
scoring_elements 0.35775
published_at 2026-04-21T12:55:00Z
1
value 0.00152
scoring_system epss
scoring_elements 0.3592
published_at 2026-04-02T12:55:00Z
2
value 0.00152
scoring_system epss
scoring_elements 0.35861
published_at 2026-04-11T12:55:00Z
3
value 0.00152
scoring_system epss
scoring_elements 0.35821
published_at 2026-04-12T12:55:00Z
4
value 0.00152
scoring_system epss
scoring_elements 0.35798
published_at 2026-04-13T12:55:00Z
5
value 0.00152
scoring_system epss
scoring_elements 0.35837
published_at 2026-04-16T12:55:00Z
6
value 0.00152
scoring_system epss
scoring_elements 0.35825
published_at 2026-04-18T12:55:00Z
7
value 0.00152
scoring_system epss
scoring_elements 0.35951
published_at 2026-04-04T12:55:00Z
8
value 0.00152
scoring_system epss
scoring_elements 0.35781
published_at 2026-04-07T12:55:00Z
9
value 0.00152
scoring_system epss
scoring_elements 0.35832
published_at 2026-04-08T12:55:00Z
10
value 0.00152
scoring_system epss
scoring_elements 0.35854
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-22758
1
reference_url https://security.gentoo.org/glsa/202202-03
reference_id GLSA-202202-03
reference_type
scores
url https://security.gentoo.org/glsa/202202-03
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-04
reference_id mfsa2022-04
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-04
3
reference_url https://www.mozilla.org/security/advisories/mfsa2022-04/
reference_id mfsa2022-04
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T14:26:36Z/
url https://www.mozilla.org/security/advisories/mfsa2022-04/
4
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1728742
reference_id show_bug.cgi?id=1728742
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-16T14:26:36Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1728742
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2022-22758
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xa7t-851a-efey
246
url VCID-xmnb-bf3j-hkgp
vulnerability_id VCID-xmnb-bf3j-hkgp
summary A location bar spoofing attack where the location bar of loaded page will be shown over the content of another tab due to a series of JavaScript events combined with fullscreen mode. *Note: This issue only affects Firefox for Android. Other operating systems are not affected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-5394
reference_id
reference_type
scores
0
value 0.0014
scoring_system epss
scoring_elements 0.34145
published_at 2026-04-21T12:55:00Z
1
value 0.0014
scoring_system epss
scoring_elements 0.33916
published_at 2026-04-01T12:55:00Z
2
value 0.0014
scoring_system epss
scoring_elements 0.34182
published_at 2026-04-18T12:55:00Z
3
value 0.0014
scoring_system epss
scoring_elements 0.34158
published_at 2026-04-13T12:55:00Z
4
value 0.0014
scoring_system epss
scoring_elements 0.34194
published_at 2026-04-16T12:55:00Z
5
value 0.0014
scoring_system epss
scoring_elements 0.34256
published_at 2026-04-02T12:55:00Z
6
value 0.0014
scoring_system epss
scoring_elements 0.34289
published_at 2026-04-04T12:55:00Z
7
value 0.0014
scoring_system epss
scoring_elements 0.34152
published_at 2026-04-07T12:55:00Z
8
value 0.0014
scoring_system epss
scoring_elements 0.34195
published_at 2026-04-08T12:55:00Z
9
value 0.0014
scoring_system epss
scoring_elements 0.34224
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-5394
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1222798
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1222798
2
reference_url https://www.mozilla.org/security/advisories/mfsa2017-01/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-01/
3
reference_url http://www.securityfocus.com/bid/95763
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/95763
4
reference_url http://www.securitytracker.com/id/1037693
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037693
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-5394
reference_id CVE-2017-5394
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
1
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2017-5394
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
reference_id mfsa2017-01
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-01
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2017-5394
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xmnb-bf3j-hkgp
247
url VCID-xxhb-q6ax-bbga
vulnerability_id VCID-xxhb-q6ax-bbga
summary The permission request prompt from the site in the background tab was overlaid on top of the site in the foreground tab.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-37455
reference_id
reference_type
scores
0
value 0.0019
scoring_system epss
scoring_elements 0.40969
published_at 2026-04-04T12:55:00Z
1
value 0.0019
scoring_system epss
scoring_elements 0.40942
published_at 2026-04-02T12:55:00Z
2
value 0.00238
scoring_system epss
scoring_elements 0.46909
published_at 2026-04-21T12:55:00Z
3
value 0.00238
scoring_system epss
scoring_elements 0.46907
published_at 2026-04-13T12:55:00Z
4
value 0.00238
scoring_system epss
scoring_elements 0.46964
published_at 2026-04-16T12:55:00Z
5
value 0.00238
scoring_system epss
scoring_elements 0.4696
published_at 2026-04-18T12:55:00Z
6
value 0.00238
scoring_system epss
scoring_elements 0.46851
published_at 2026-04-07T12:55:00Z
7
value 0.00238
scoring_system epss
scoring_elements 0.46905
published_at 2026-04-08T12:55:00Z
8
value 0.00238
scoring_system epss
scoring_elements 0.46904
published_at 2026-04-09T12:55:00Z
9
value 0.00238
scoring_system epss
scoring_elements 0.46927
published_at 2026-04-11T12:55:00Z
10
value 0.00238
scoring_system epss
scoring_elements 0.469
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-37455
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-25
reference_id mfsa2023-25
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-25
2
reference_url https://www.mozilla.org/security/advisories/mfsa2023-25/
reference_id mfsa2023-25
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-07T15:04:34Z/
url https://www.mozilla.org/security/advisories/mfsa2023-25/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1786934
reference_id show_bug.cgi?id=1786934
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-07T15:04:34Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1786934
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2023-37455
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xxhb-q6ax-bbga
248
url VCID-y7rn-wb1d-vbdg
vulnerability_id VCID-y7rn-wb1d-vbdg
summary The "Mark of the Web" was not correctly saved on Windows when files with very long names were downloaded from the Internet. Without the Mark of the Web data, the security warning that Windows displays before running executables downloaded from the Internet is not shown. *Note: This attack only affects Windows operating systems. Other operating systems are unaffected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7765
reference_id
reference_type
scores
0
value 0.00493
scoring_system epss
scoring_elements 0.65711
published_at 2026-04-21T12:55:00Z
1
value 0.00493
scoring_system epss
scoring_elements 0.65723
published_at 2026-04-11T12:55:00Z
2
value 0.00493
scoring_system epss
scoring_elements 0.65709
published_at 2026-04-12T12:55:00Z
3
value 0.00493
scoring_system epss
scoring_elements 0.65679
published_at 2026-04-13T12:55:00Z
4
value 0.00493
scoring_system epss
scoring_elements 0.65714
published_at 2026-04-16T12:55:00Z
5
value 0.00493
scoring_system epss
scoring_elements 0.65727
published_at 2026-04-18T12:55:00Z
6
value 0.00493
scoring_system epss
scoring_elements 0.65595
published_at 2026-04-01T12:55:00Z
7
value 0.00493
scoring_system epss
scoring_elements 0.65644
published_at 2026-04-02T12:55:00Z
8
value 0.00493
scoring_system epss
scoring_elements 0.65673
published_at 2026-04-04T12:55:00Z
9
value 0.00493
scoring_system epss
scoring_elements 0.65638
published_at 2026-04-07T12:55:00Z
10
value 0.00493
scoring_system epss
scoring_elements 0.6569
published_at 2026-04-08T12:55:00Z
11
value 0.00493
scoring_system epss
scoring_elements 0.65702
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7765
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1273265
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1273265
2
reference_url https://www.mozilla.org/security/advisories/mfsa2017-15/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-15/
3
reference_url https://www.mozilla.org/security/advisories/mfsa2017-16/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-16/
4
reference_url https://www.mozilla.org/security/advisories/mfsa2017-17/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-17/
5
reference_url http://www.securityfocus.com/bid/99057
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/99057
6
reference_url http://www.securitytracker.com/id/1038689
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1038689
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-7765
reference_id CVE-2017-7765
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2017-7765
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-15
reference_id mfsa2017-15
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-15
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-16
reference_id mfsa2017-16
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-16
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-17
reference_id mfsa2017-17
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-17
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2017-7765
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y7rn-wb1d-vbdg
249
url VCID-yfmg-82tr-gfec
vulnerability_id VCID-yfmg-82tr-gfec
summary The executable file warning was not presented when downloading .inetloc files, which, due to a flaw in Mac OS, can run commands on a user's computer.*Note: This issue only affected Mac OS operating systems. Other operating systems are unaffected.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38510.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38510.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-38510
reference_id
reference_type
scores
0
value 0.00467
scoring_system epss
scoring_elements 0.64398
published_at 2026-04-07T12:55:00Z
1
value 0.00467
scoring_system epss
scoring_elements 0.64446
published_at 2026-04-08T12:55:00Z
2
value 0.00467
scoring_system epss
scoring_elements 0.64472
published_at 2026-04-21T12:55:00Z
3
value 0.00467
scoring_system epss
scoring_elements 0.64467
published_at 2026-04-16T12:55:00Z
4
value 0.00467
scoring_system epss
scoring_elements 0.64433
published_at 2026-04-13T12:55:00Z
5
value 0.00467
scoring_system epss
scoring_elements 0.64474
published_at 2026-04-11T12:55:00Z
6
value 0.00467
scoring_system epss
scoring_elements 0.64462
published_at 2026-04-12T12:55:00Z
7
value 0.00467
scoring_system epss
scoring_elements 0.64479
published_at 2026-04-18T12:55:00Z
8
value 0.0047
scoring_system epss
scoring_elements 0.64564
published_at 2026-04-04T12:55:00Z
9
value 0.0047
scoring_system epss
scoring_elements 0.64482
published_at 2026-04-01T12:55:00Z
10
value 0.0047
scoring_system epss
scoring_elements 0.64535
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-38510
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2019629
reference_id 2019629
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2019629
4
reference_url https://security.archlinux.org/AVG-2512
reference_id AVG-2512
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2512
5
reference_url https://security.archlinux.org/AVG-2519
reference_id AVG-2519
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2519
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-48
reference_id mfsa2021-48
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-48
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-49
reference_id mfsa2021-49
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-49
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2021-50
reference_id mfsa2021-50
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2021-50
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2021-38510
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yfmg-82tr-gfec
250
url VCID-yust-3g8v-muas
vulnerability_id VCID-yust-3g8v-muas
summary The executable file warning was not presented when downloading .xrm-ms files. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3863.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3863.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-3863
reference_id
reference_type
scores
0
value 0.00338
scoring_system epss
scoring_elements 0.56663
published_at 2026-04-21T12:55:00Z
1
value 0.00338
scoring_system epss
scoring_elements 0.56691
published_at 2026-04-18T12:55:00Z
2
value 0.00338
scoring_system epss
scoring_elements 0.56642
published_at 2026-04-02T12:55:00Z
3
value 0.00338
scoring_system epss
scoring_elements 0.56643
published_at 2026-04-07T12:55:00Z
4
value 0.00338
scoring_system epss
scoring_elements 0.56664
published_at 2026-04-04T12:55:00Z
5
value 0.00338
scoring_system epss
scoring_elements 0.56693
published_at 2026-04-16T12:55:00Z
6
value 0.00338
scoring_system epss
scoring_elements 0.56662
published_at 2026-04-13T12:55:00Z
7
value 0.00338
scoring_system epss
scoring_elements 0.56683
published_at 2026-04-12T12:55:00Z
8
value 0.00338
scoring_system epss
scoring_elements 0.56708
published_at 2026-04-11T12:55:00Z
9
value 0.00338
scoring_system epss
scoring_elements 0.56699
published_at 2026-04-09T12:55:00Z
10
value 0.00338
scoring_system epss
scoring_elements 0.56695
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-3863
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2275554
reference_id 2275554
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2275554
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-18
reference_id mfsa2024-18
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-18
5
reference_url https://www.mozilla.org/security/advisories/mfsa2024-18/
reference_id mfsa2024-18
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-07T15:24:10Z/
url https://www.mozilla.org/security/advisories/mfsa2024-18/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-19
reference_id mfsa2024-19
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-19
7
reference_url https://www.mozilla.org/security/advisories/mfsa2024-19/
reference_id mfsa2024-19
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-07T15:24:10Z/
url https://www.mozilla.org/security/advisories/mfsa2024-19/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2024-20
reference_id mfsa2024-20
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2024-20
9
reference_url https://www.mozilla.org/security/advisories/mfsa2024-20/
reference_id mfsa2024-20
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-07T15:24:10Z/
url https://www.mozilla.org/security/advisories/mfsa2024-20/
10
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1885855
reference_id show_bug.cgi?id=1885855
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-07T15:24:10Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1885855
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2024-3863
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yust-3g8v-muas
251
url VCID-z86r-71n4-p7aj
vulnerability_id VCID-z86r-71n4-p7aj
summary 
Multiple vulnerabilities have been found in Mozilla Firefox and
    Thunderbird the worst of which could lead to the execution of arbitrary
    code.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5267
reference_id
reference_type
scores
0
value 0.00369
scoring_system epss
scoring_elements 0.58791
published_at 2026-04-21T12:55:00Z
1
value 0.00369
scoring_system epss
scoring_elements 0.58663
published_at 2026-04-01T12:55:00Z
2
value 0.00369
scoring_system epss
scoring_elements 0.58813
published_at 2026-04-18T12:55:00Z
3
value 0.00369
scoring_system epss
scoring_elements 0.58775
published_at 2026-04-13T12:55:00Z
4
value 0.00369
scoring_system epss
scoring_elements 0.58808
published_at 2026-04-16T12:55:00Z
5
value 0.00369
scoring_system epss
scoring_elements 0.58747
published_at 2026-04-02T12:55:00Z
6
value 0.00369
scoring_system epss
scoring_elements 0.58768
published_at 2026-04-04T12:55:00Z
7
value 0.00369
scoring_system epss
scoring_elements 0.58735
published_at 2026-04-07T12:55:00Z
8
value 0.00369
scoring_system epss
scoring_elements 0.58788
published_at 2026-04-08T12:55:00Z
9
value 0.00369
scoring_system epss
scoring_elements 0.58795
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5267
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1284372
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1284372
2
reference_url http://www.mozilla.org/security/announce/2016/mfsa2016-82.html
reference_id
reference_type
scores
url http://www.mozilla.org/security/announce/2016/mfsa2016-82.html
3
reference_url http://www.securityfocus.com/bid/92260
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/92260
4
reference_url http://www.securitytracker.com/id/1036508
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1036508
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:*:*:*:*:*:*:*:*
reference_id cpe:2.3:o:google:android:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:*:*:*:*:*:*:*:*
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5267
reference_id CVE-2016-5267
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5267
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-5267
reference_id CVE-2016-5267
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2016-5267
9
reference_url https://security.gentoo.org/glsa/201701-15
reference_id GLSA-201701-15
reference_type
scores
url https://security.gentoo.org/glsa/201701-15
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-82
reference_id mfsa2016-82
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-82
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2016-5267
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z86r-71n4-p7aj
252
url VCID-zb8g-djya-63hr
vulnerability_id VCID-zb8g-djya-63hr
summary Spoofing issue in the WebAuthn component in Firefox for Android. This vulnerability affects Firefox < 148 and Thunderbird < 148.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2800.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2800.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2800
reference_id
reference_type
scores
0
value 0.00059
scoring_system epss
scoring_elements 0.1852
published_at 2026-04-21T12:55:00Z
1
value 0.00059
scoring_system epss
scoring_elements 0.18791
published_at 2026-04-04T12:55:00Z
2
value 0.00059
scoring_system epss
scoring_elements 0.18509
published_at 2026-04-07T12:55:00Z
3
value 0.00059
scoring_system epss
scoring_elements 0.18589
published_at 2026-04-08T12:55:00Z
4
value 0.00059
scoring_system epss
scoring_elements 0.18642
published_at 2026-04-09T12:55:00Z
5
value 0.00059
scoring_system epss
scoring_elements 0.18646
published_at 2026-04-11T12:55:00Z
6
value 0.00059
scoring_system epss
scoring_elements 0.18599
published_at 2026-04-12T12:55:00Z
7
value 0.00059
scoring_system epss
scoring_elements 0.18548
published_at 2026-04-13T12:55:00Z
8
value 0.00059
scoring_system epss
scoring_elements 0.1849
published_at 2026-04-16T12:55:00Z
9
value 0.00059
scoring_system epss
scoring_elements 0.18499
published_at 2026-04-18T12:55:00Z
10
value 0.00059
scoring_system epss
scoring_elements 0.18737
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2800
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2442299
reference_id 2442299
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2442299
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
reference_id mfsa2026-13
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-13
5
reference_url https://www.mozilla.org/security/advisories/mfsa2026-13/
reference_id mfsa2026-13
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:34:18Z/
url https://www.mozilla.org/security/advisories/mfsa2026-13/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
reference_id mfsa2026-16
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2026-16
7
reference_url https://www.mozilla.org/security/advisories/mfsa2026-16/
reference_id mfsa2026-16
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:34:18Z/
url https://www.mozilla.org/security/advisories/mfsa2026-16/
8
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1988145
reference_id show_bug.cgi?id=1988145
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-02-26T20:34:18Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1988145
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2026-2800
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zb8g-djya-63hr
253
url VCID-zdbt-zhtq-xfhj
vulnerability_id VCID-zdbt-zhtq-xfhj
summary Insufficient escaping in the “Copy as cURL” feature could have been used to trick a user into executing unexpected code on Windows. This did not affect Firefox running on other operating systems.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11713.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11713.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-11713
reference_id
reference_type
scores
0
value 0.00038
scoring_system epss
scoring_elements 0.11255
published_at 2026-04-21T12:55:00Z
1
value 0.00038
scoring_system epss
scoring_elements 0.11124
published_at 2026-04-18T12:55:00Z
2
value 0.00038
scoring_system epss
scoring_elements 0.11122
published_at 2026-04-16T12:55:00Z
3
value 0.00038
scoring_system epss
scoring_elements 0.11313
published_at 2026-04-09T12:55:00Z
4
value 0.00038
scoring_system epss
scoring_elements 0.11259
published_at 2026-04-13T12:55:00Z
5
value 0.00038
scoring_system epss
scoring_elements 0.11178
published_at 2026-04-07T12:55:00Z
6
value 0.00038
scoring_system epss
scoring_elements 0.11258
published_at 2026-04-08T12:55:00Z
7
value 0.00038
scoring_system epss
scoring_elements 0.11374
published_at 2026-04-04T12:55:00Z
8
value 0.00038
scoring_system epss
scoring_elements 0.11286
published_at 2026-04-12T12:55:00Z
9
value 0.00038
scoring_system epss
scoring_elements 0.11319
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-11713
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2403767
reference_id 2403767
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2403767
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-81
reference_id mfsa2025-81
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-81
4
reference_url https://www.mozilla.org/security/advisories/mfsa2025-81/
reference_id mfsa2025-81
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:18Z/
url https://www.mozilla.org/security/advisories/mfsa2025-81/
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-83
reference_id mfsa2025-83
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-83
6
reference_url https://www.mozilla.org/security/advisories/mfsa2025-83/
reference_id mfsa2025-83
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:18Z/
url https://www.mozilla.org/security/advisories/mfsa2025-83/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-84
reference_id mfsa2025-84
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-84
8
reference_url https://www.mozilla.org/security/advisories/mfsa2025-84/
reference_id mfsa2025-84
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:18Z/
url https://www.mozilla.org/security/advisories/mfsa2025-84/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-85
reference_id mfsa2025-85
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-85
10
reference_url https://www.mozilla.org/security/advisories/mfsa2025-85/
reference_id mfsa2025-85
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:18Z/
url https://www.mozilla.org/security/advisories/mfsa2025-85/
11
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1986142
reference_id show_bug.cgi?id=1986142
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:18Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1986142
12
reference_url https://usn.ubuntu.com/7991-1/
reference_id USN-7991-1
reference_type
scores
url https://usn.ubuntu.com/7991-1/
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2025-11713
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zdbt-zhtq-xfhj
254
url VCID-zgdf-pv3w-vqeb
vulnerability_id VCID-zgdf-pv3w-vqeb
summary A unicode RTL order character in the downloaded file name can be used to change the file's name during the download UI flow to change the file extension.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-15651
reference_id
reference_type
scores
0
value 0.00186
scoring_system epss
scoring_elements 0.40276
published_at 2026-04-21T12:55:00Z
1
value 0.00186
scoring_system epss
scoring_elements 0.40303
published_at 2026-04-01T12:55:00Z
2
value 0.00186
scoring_system epss
scoring_elements 0.40367
published_at 2026-04-02T12:55:00Z
3
value 0.00186
scoring_system epss
scoring_elements 0.40394
published_at 2026-04-04T12:55:00Z
4
value 0.00186
scoring_system epss
scoring_elements 0.40319
published_at 2026-04-07T12:55:00Z
5
value 0.00186
scoring_system epss
scoring_elements 0.4037
published_at 2026-04-08T12:55:00Z
6
value 0.00186
scoring_system epss
scoring_elements 0.40382
published_at 2026-04-16T12:55:00Z
7
value 0.00186
scoring_system epss
scoring_elements 0.40393
published_at 2026-04-11T12:55:00Z
8
value 0.00186
scoring_system epss
scoring_elements 0.40356
published_at 2026-04-12T12:55:00Z
9
value 0.00186
scoring_system epss
scoring_elements 0.40336
published_at 2026-04-13T12:55:00Z
10
value 0.00186
scoring_system epss
scoring_elements 0.40352
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-15651
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2020-34
reference_id mfsa2020-34
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2020-34
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2020-15651
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zgdf-pv3w-vqeb
255
url VCID-zjn8-79ab-tqd3
vulnerability_id VCID-zjn8-79ab-tqd3
summary Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5726.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5726.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-5726
reference_id
reference_type
scores
0
value 0.00173
scoring_system epss
scoring_elements 0.38657
published_at 2026-04-21T12:55:00Z
1
value 0.00173
scoring_system epss
scoring_elements 0.38703
published_at 2026-04-07T12:55:00Z
2
value 0.00173
scoring_system epss
scoring_elements 0.38753
published_at 2026-04-08T12:55:00Z
3
value 0.00173
scoring_system epss
scoring_elements 0.38764
published_at 2026-04-09T12:55:00Z
4
value 0.00173
scoring_system epss
scoring_elements 0.38776
published_at 2026-04-11T12:55:00Z
5
value 0.00173
scoring_system epss
scoring_elements 0.38739
published_at 2026-04-12T12:55:00Z
6
value 0.00173
scoring_system epss
scoring_elements 0.38712
published_at 2026-04-13T12:55:00Z
7
value 0.00173
scoring_system epss
scoring_elements 0.38758
published_at 2026-04-16T12:55:00Z
8
value 0.00173
scoring_system epss
scoring_elements 0.38736
published_at 2026-04-18T12:55:00Z
9
value 0.00173
scoring_system epss
scoring_elements 0.38752
published_at 2026-04-02T12:55:00Z
10
value 0.00173
scoring_system epss
scoring_elements 0.38774
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-5726
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2245901
reference_id 2245901
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2245901
4
reference_url https://security.gentoo.org/glsa/202402-25
reference_id GLSA-202402-25
reference_type
scores
url https://security.gentoo.org/glsa/202402-25
5
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-45
reference_id mfsa2023-45
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-45
6
reference_url https://www.mozilla.org/security/advisories/mfsa2023-45/
reference_id mfsa2023-45
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:53:41Z/
url https://www.mozilla.org/security/advisories/mfsa2023-45/
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-46
reference_id mfsa2023-46
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-46
8
reference_url https://www.mozilla.org/security/advisories/mfsa2023-46/
reference_id mfsa2023-46
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:53:41Z/
url https://www.mozilla.org/security/advisories/mfsa2023-46/
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-47
reference_id mfsa2023-47
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-47
10
reference_url https://www.mozilla.org/security/advisories/mfsa2023-47/
reference_id mfsa2023-47
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:53:41Z/
url https://www.mozilla.org/security/advisories/mfsa2023-47/
11
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1846205
reference_id show_bug.cgi?id=1846205
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:53:41Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1846205
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2023-5726
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zjn8-79ab-tqd3
256
url VCID-zkss-5b75-e3c2
vulnerability_id VCID-zkss-5b75-e3c2
summary Cookie storage for non-HTML temporary documents was being shared incorrectly with normal browsing content, allowing information from private tabs to escape Incognito mode even after the user closed all tabs
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-10859
reference_id
reference_type
scores
0
value 0.00016
scoring_system epss
scoring_elements 0.03634
published_at 2026-04-21T12:55:00Z
1
value 0.00016
scoring_system epss
scoring_elements 0.03571
published_at 2026-04-02T12:55:00Z
2
value 0.00016
scoring_system epss
scoring_elements 0.03576
published_at 2026-04-11T12:55:00Z
3
value 0.00016
scoring_system epss
scoring_elements 0.03547
published_at 2026-04-12T12:55:00Z
4
value 0.00016
scoring_system epss
scoring_elements 0.03522
published_at 2026-04-13T12:55:00Z
5
value 0.00016
scoring_system epss
scoring_elements 0.03497
published_at 2026-04-16T12:55:00Z
6
value 0.00016
scoring_system epss
scoring_elements 0.03508
published_at 2026-04-18T12:55:00Z
7
value 0.00016
scoring_system epss
scoring_elements 0.03586
published_at 2026-04-04T12:55:00Z
8
value 0.00016
scoring_system epss
scoring_elements 0.03596
published_at 2026-04-07T12:55:00Z
9
value 0.00016
scoring_system epss
scoring_elements 0.03598
published_at 2026-04-08T12:55:00Z
10
value 0.00016
scoring_system epss
scoring_elements 0.0362
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-10859
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2025-79
reference_id mfsa2025-79
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2025-79
2
reference_url https://www.mozilla.org/security/advisories/mfsa2025-79/
reference_id mfsa2025-79
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T13:38:47Z/
url https://www.mozilla.org/security/advisories/mfsa2025-79/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1684624
reference_id show_bug.cgi?id=1684624
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-30T13:38:47Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1684624
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2025-10859
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zkss-5b75-e3c2
257
url VCID-zv7m-qhq6-v3aw
vulnerability_id VCID-zv7m-qhq6-v3aw
summary On Windows systems, if non-null-terminated strings are copied into the crash reporter for some specific registry keys, stack memory data can be copied until a null is found. This can potentially contain private data from the local system. *Note: This attack only affects Windows operating systems. Other operating systems are not affected.*
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7790
reference_id
reference_type
scores
0
value 0.00276
scoring_system epss
scoring_elements 0.5105
published_at 2026-04-21T12:55:00Z
1
value 0.00276
scoring_system epss
scoring_elements 0.50934
published_at 2026-04-01T12:55:00Z
2
value 0.00276
scoring_system epss
scoring_elements 0.51045
published_at 2026-04-12T12:55:00Z
3
value 0.00276
scoring_system epss
scoring_elements 0.51066
published_at 2026-04-16T12:55:00Z
4
value 0.00276
scoring_system epss
scoring_elements 0.51072
published_at 2026-04-18T12:55:00Z
5
value 0.00276
scoring_system epss
scoring_elements 0.50988
published_at 2026-04-02T12:55:00Z
6
value 0.00276
scoring_system epss
scoring_elements 0.51013
published_at 2026-04-04T12:55:00Z
7
value 0.00276
scoring_system epss
scoring_elements 0.50971
published_at 2026-04-07T12:55:00Z
8
value 0.00276
scoring_system epss
scoring_elements 0.51028
published_at 2026-04-13T12:55:00Z
9
value 0.00276
scoring_system epss
scoring_elements 0.51024
published_at 2026-04-09T12:55:00Z
10
value 0.00276
scoring_system epss
scoring_elements 0.51068
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7790
1
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1350460
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1350460
2
reference_url https://www.mozilla.org/security/advisories/mfsa2017-18/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2017-18/
3
reference_url http://www.securitytracker.com/id/1039124
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1039124
4
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-7790
reference_id CVE-2017-7790
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2017-7790
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2017-18
reference_id mfsa2017-18
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2017-18
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2017-7790
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zv7m-qhq6-v3aw
258
url VCID-zvtk-5z63-k3dt
vulnerability_id VCID-zvtk-5z63-k3dt
summary Internal URLs are protected by a secret UUID key, which could have been leaked to web page through the Referrer header.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-31746
reference_id
reference_type
scores
0
value 0.0022
scoring_system epss
scoring_elements 0.44607
published_at 2026-04-21T12:55:00Z
1
value 0.0022
scoring_system epss
scoring_elements 0.44634
published_at 2026-04-02T12:55:00Z
2
value 0.0022
scoring_system epss
scoring_elements 0.44661
published_at 2026-04-11T12:55:00Z
3
value 0.0022
scoring_system epss
scoring_elements 0.4463
published_at 2026-04-12T12:55:00Z
4
value 0.0022
scoring_system epss
scoring_elements 0.44631
published_at 2026-04-13T12:55:00Z
5
value 0.0022
scoring_system epss
scoring_elements 0.44684
published_at 2026-04-16T12:55:00Z
6
value 0.0022
scoring_system epss
scoring_elements 0.44676
published_at 2026-04-18T12:55:00Z
7
value 0.0022
scoring_system epss
scoring_elements 0.44654
published_at 2026-04-04T12:55:00Z
8
value 0.0022
scoring_system epss
scoring_elements 0.44591
published_at 2026-04-07T12:55:00Z
9
value 0.0022
scoring_system epss
scoring_elements 0.44642
published_at 2026-04-08T12:55:00Z
10
value 0.0022
scoring_system epss
scoring_elements 0.44645
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-31746
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-27
reference_id mfsa2022-27
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-27
2
reference_url https://www.mozilla.org/security/advisories/mfsa2022-27/
reference_id mfsa2022-27
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:23:57Z/
url https://www.mozilla.org/security/advisories/mfsa2022-27/
3
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1654416
reference_id show_bug.cgi?id=1654416
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:23:57Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1654416
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2022-31746
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zvtk-5z63-k3dt
259
url VCID-zycf-ufab-8yfb
vulnerability_id VCID-zycf-ufab-8yfb
summary The Firefox installer allows Firefox to be installed to a custom user writable location, leaving it unprotected from manipulation by unprivileged users or malware. If the Mozilla Maintenance Service is manipulated to update this unprotected location and the updated maintenance service in the unprotected location has been altered, the altered maintenance service can run with elevated privileges during the update process due to a lack of integrity checks. This allows for privilege escalation if the executable has been replaced locally. *Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.*
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11753.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11753.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-11753
reference_id
reference_type
scores
0
value 0.00062
scoring_system epss
scoring_elements 0.19349
published_at 2026-04-21T12:55:00Z
1
value 0.00062
scoring_system epss
scoring_elements 0.19469
published_at 2026-04-09T12:55:00Z
2
value 0.00062
scoring_system epss
scoring_elements 0.19473
published_at 2026-04-11T12:55:00Z
3
value 0.00062
scoring_system epss
scoring_elements 0.19425
published_at 2026-04-12T12:55:00Z
4
value 0.00062
scoring_system epss
scoring_elements 0.19368
published_at 2026-04-13T12:55:00Z
5
value 0.00062
scoring_system epss
scoring_elements 0.19329
published_at 2026-04-16T12:55:00Z
6
value 0.00062
scoring_system epss
scoring_elements 0.19336
published_at 2026-04-18T12:55:00Z
7
value 0.00062
scoring_system epss
scoring_elements 0.19439
published_at 2026-04-01T12:55:00Z
8
value 0.00062
scoring_system epss
scoring_elements 0.19572
published_at 2026-04-02T12:55:00Z
9
value 0.00062
scoring_system epss
scoring_elements 0.19618
published_at 2026-04-04T12:55:00Z
10
value 0.00062
scoring_system epss
scoring_elements 0.19339
published_at 2026-04-07T12:55:00Z
11
value 0.00062
scoring_system epss
scoring_elements 0.19417
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-11753
4
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1574980
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1574980
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://www.mozilla.org/security/advisories/mfsa2019-25/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2019-25/
7
reference_url https://www.mozilla.org/security/advisories/mfsa2019-26/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2019-26/
8
reference_url https://www.mozilla.org/security/advisories/mfsa2019-27/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2019-27/
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1748659
reference_id 1748659
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1748659
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-11753
reference_id CVE-2019-11753
reference_type
scores
0
value 4.6
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:P/I:P/A:P
1
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2019-11753
14
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-25
reference_id mfsa2019-25
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-25
15
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-26
reference_id mfsa2019-26
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-26
16
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-27
reference_id mfsa2019-27
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-27
fixed_packages
0
url pkg:deb/debian/firefox@150.0-1?distro=sid
purl pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid
1
url pkg:deb/debian/firefox@0?distro=sid
purl pkg:deb/debian/firefox@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid
2
url pkg:deb/debian/firefox@149.0-1?distro=sid
purl pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid
3
url pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid
aliases CVE-2019-11753
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zycf-ufab-8yfb
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@0%3Fdistro=sid