Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/73547?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/73547?format=api", "purl": "pkg:ebuild/mail-client/thunderbird-bin@102.10.0", "type": "ebuild", "namespace": "mail-client", "name": "thunderbird-bin", "version": "102.10.0", "qualifiers": {}, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "102.12", "latest_non_vulnerable_version": "128.9.0", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33944?format=api", "vulnerability_id": "VCID-1vpc-vfey-qkb6", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25732.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25732.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25732", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.35922", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.35987", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.36067", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.35947", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.35972", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.3601", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.36004", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.35981", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.36097", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.35931", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25732" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170383", "reference_id": "2170383", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170383" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-05/", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T21:12:13Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-06/", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T21:12:13Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-06/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-07/", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T21:12:13Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-07/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0805", "reference_id": "RHSA-2023:0805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0806", "reference_id": "RHSA-2023:0806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0807", "reference_id": "RHSA-2023:0807", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0807" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0808", "reference_id": "RHSA-2023:0808", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0808" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0809", "reference_id": "RHSA-2023:0809", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0809" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0810", "reference_id": "RHSA-2023:0810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0810" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0811", "reference_id": "RHSA-2023:0811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0811" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0812", "reference_id": "RHSA-2023:0812", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0812" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0817", "reference_id": "RHSA-2023:0817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0818", "reference_id": "RHSA-2023:0818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0819", "reference_id": "RHSA-2023:0819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0820", "reference_id": "RHSA-2023:0820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0821", "reference_id": "RHSA-2023:0821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0822", "reference_id": "RHSA-2023:0822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0823", "reference_id": "RHSA-2023:0823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0824", "reference_id": "RHSA-2023:0824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0824" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1804564", "reference_id": "show_bug.cgi?id=1804564", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T21:12:13Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1804564" }, { "reference_url": "https://usn.ubuntu.com/5880-1/", "reference_id": "USN-5880-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5880-1/" }, { "reference_url": "https://usn.ubuntu.com/5943-1/", "reference_id": "USN-5943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5943-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/73547?format=api", "purl": "pkg:ebuild/mail-client/thunderbird-bin@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@102.10.0" } ], "aliases": [ "CVE-2023-25732" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1vpc-vfey-qkb6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33947?format=api", "vulnerability_id": "VCID-2648-ggwp-cyfv", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25735.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25735.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25735", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.3767", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37731", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37783", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37751", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37703", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37729", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37765", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.3775", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37737", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37809", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37687", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25735" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170378", "reference_id": "2170378", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170378" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-05/", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:20Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-06/", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:20Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-06/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-07/", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:20Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-07/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0805", "reference_id": "RHSA-2023:0805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0806", "reference_id": "RHSA-2023:0806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0807", "reference_id": "RHSA-2023:0807", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0807" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0808", "reference_id": "RHSA-2023:0808", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0808" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0809", "reference_id": "RHSA-2023:0809", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0809" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0810", "reference_id": "RHSA-2023:0810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0810" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0811", "reference_id": "RHSA-2023:0811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0811" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0812", "reference_id": "RHSA-2023:0812", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0812" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0817", "reference_id": "RHSA-2023:0817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0818", "reference_id": "RHSA-2023:0818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0819", "reference_id": "RHSA-2023:0819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0820", "reference_id": "RHSA-2023:0820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0821", "reference_id": "RHSA-2023:0821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0822", "reference_id": "RHSA-2023:0822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0823", "reference_id": "RHSA-2023:0823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0824", "reference_id": "RHSA-2023:0824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0824" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1810711", "reference_id": "show_bug.cgi?id=1810711", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:20Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1810711" }, { "reference_url": "https://usn.ubuntu.com/5880-1/", "reference_id": "USN-5880-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5880-1/" }, { "reference_url": "https://usn.ubuntu.com/5943-1/", "reference_id": "USN-5943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5943-1/" }, { "reference_url": "https://usn.ubuntu.com/6120-1/", "reference_id": "USN-6120-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6120-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/73547?format=api", "purl": "pkg:ebuild/mail-client/thunderbird-bin@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@102.10.0" } ], "aliases": [ "CVE-2023-25735" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2648-ggwp-cyfv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/18044?format=api", "vulnerability_id": "VCID-5hzf-gdbj-8ud8", "summary": "Double Free\nThere exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1999.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1999.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-1999", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00362", "scoring_system": "epss", "scoring_elements": "0.5832", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00362", "scoring_system": "epss", "scoring_elements": "0.58323", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00376", "scoring_system": "epss", "scoring_elements": "0.59224", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00376", "scoring_system": "epss", "scoring_elements": "0.59242", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00376", "scoring_system": "epss", "scoring_elements": "0.59222", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00376", "scoring_system": "epss", "scoring_elements": "0.59209", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00376", "scoring_system": "epss", "scoring_elements": "0.59158", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00376", "scoring_system": "epss", "scoring_elements": "0.59194", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00376", "scoring_system": "epss", "scoring_elements": "0.59206", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00376", "scoring_system": "epss", "scoring_elements": "0.5917", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.60246", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-1999" }, { "reference_url": "https://chromium.googlesource.com/webm/libwebp", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:14:09Z/" } ], "url": "https://chromium.googlesource.com/webm/libwebp" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035371", "reference_id": "1035371", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035371" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186102", "reference_id": "2186102", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186102" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1999", "reference_id": "CVE-2023-1999", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1999" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14", "reference_id": "mfsa2023-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15", "reference_id": "mfsa2023-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1785", "reference_id": "RHSA-2023:1785", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1785" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1786", "reference_id": "RHSA-2023:1786", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1786" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1787", "reference_id": "RHSA-2023:1787", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1787" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1788", "reference_id": "RHSA-2023:1788", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1788" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1789", "reference_id": "RHSA-2023:1789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1790", "reference_id": "RHSA-2023:1790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1791", "reference_id": "RHSA-2023:1791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1792", "reference_id": "RHSA-2023:1792", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1792" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1802", "reference_id": "RHSA-2023:1802", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1802" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1803", "reference_id": "RHSA-2023:1803", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1803" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1804", "reference_id": "RHSA-2023:1804", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1804" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1805", "reference_id": "RHSA-2023:1805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1806", "reference_id": "RHSA-2023:1806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1809", "reference_id": "RHSA-2023:1809", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1809" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1810", "reference_id": "RHSA-2023:1810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1810" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1811", "reference_id": "RHSA-2023:1811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1811" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2072", "reference_id": "RHSA-2023:2072", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2072" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2073", "reference_id": "RHSA-2023:2073", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2073" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2075", "reference_id": "RHSA-2023:2075", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2075" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2076", "reference_id": "RHSA-2023:2076", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2076" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2077", "reference_id": "RHSA-2023:2077", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2077" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2078", "reference_id": "RHSA-2023:2078", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2078" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2084", "reference_id": "RHSA-2023:2084", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2084" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2085", "reference_id": "RHSA-2023:2085", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2085" }, { "reference_url": "https://usn.ubuntu.com/6078-1/", "reference_id": "USN-6078-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6078-1/" }, { "reference_url": "https://usn.ubuntu.com/6078-2/", "reference_id": "USN-6078-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6078-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/73547?format=api", "purl": "pkg:ebuild/mail-client/thunderbird-bin@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@102.10.0" } ], "aliases": [ "CVE-2023-1999" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5hzf-gdbj-8ud8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33939?format=api", "vulnerability_id": "VCID-73wu-d7y3-7bge", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1945.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1945.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-1945", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28664", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33976", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33868", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33892", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33934", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33936", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.34007", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33906", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33861", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33904", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-1945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186109", "reference_id": "2186109", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186109" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14", "reference_id": "mfsa2023-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-14/", "reference_id": "mfsa2023-14", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:55:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15", "reference_id": "mfsa2023-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-15/", "reference_id": "mfsa2023-15", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:55:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-15/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1785", "reference_id": "RHSA-2023:1785", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1785" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1786", "reference_id": "RHSA-2023:1786", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1786" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1787", "reference_id": "RHSA-2023:1787", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1787" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1788", "reference_id": "RHSA-2023:1788", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1788" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1789", "reference_id": "RHSA-2023:1789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1790", "reference_id": "RHSA-2023:1790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1791", "reference_id": "RHSA-2023:1791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1792", "reference_id": "RHSA-2023:1792", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1792" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1802", "reference_id": "RHSA-2023:1802", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1802" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1803", "reference_id": "RHSA-2023:1803", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1803" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1804", "reference_id": "RHSA-2023:1804", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1804" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1805", "reference_id": "RHSA-2023:1805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1806", "reference_id": "RHSA-2023:1806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1809", "reference_id": "RHSA-2023:1809", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1809" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1810", "reference_id": "RHSA-2023:1810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1810" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1811", "reference_id": "RHSA-2023:1811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1811" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1777588", "reference_id": "show_bug.cgi?id=1777588", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:55:03Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1777588" }, { "reference_url": "https://usn.ubuntu.com/6015-1/", "reference_id": "USN-6015-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6015-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/73547?format=api", "purl": "pkg:ebuild/mail-client/thunderbird-bin@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@102.10.0" } ], "aliases": [ "CVE-2023-1945" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-73wu-d7y3-7bge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33940?format=api", "vulnerability_id": "VCID-77u8-v9gs-sfca", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25728.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25728.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25728", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.40946", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41023", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41028", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41052", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.4101", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41026", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41061", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41043", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41036", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.4106", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.40987", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25728" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170374", "reference_id": "2170374", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170374" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-05/", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T17:40:01Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-06/", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T17:40:01Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-06/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-07/", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T17:40:01Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-07/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0805", "reference_id": "RHSA-2023:0805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0806", "reference_id": "RHSA-2023:0806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0807", "reference_id": "RHSA-2023:0807", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0807" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0808", "reference_id": "RHSA-2023:0808", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0808" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0809", "reference_id": "RHSA-2023:0809", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0809" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0810", "reference_id": "RHSA-2023:0810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0810" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0811", "reference_id": "RHSA-2023:0811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0811" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0812", "reference_id": "RHSA-2023:0812", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0812" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0817", "reference_id": "RHSA-2023:0817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0818", "reference_id": "RHSA-2023:0818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0819", "reference_id": "RHSA-2023:0819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0820", "reference_id": "RHSA-2023:0820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0821", "reference_id": "RHSA-2023:0821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0822", "reference_id": "RHSA-2023:0822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0823", "reference_id": "RHSA-2023:0823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0824", "reference_id": "RHSA-2023:0824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0824" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1790345", "reference_id": "show_bug.cgi?id=1790345", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T17:40:01Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1790345" }, { "reference_url": "https://usn.ubuntu.com/5880-1/", "reference_id": "USN-5880-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5880-1/" }, { "reference_url": "https://usn.ubuntu.com/5943-1/", "reference_id": "USN-5943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5943-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/73547?format=api", "purl": "pkg:ebuild/mail-client/thunderbird-bin@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@102.10.0" } ], "aliases": [ "CVE-2023-25728" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-77u8-v9gs-sfca" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33975?format=api", "vulnerability_id": "VCID-7b8k-mgs3-cud5", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29550.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29550.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29550", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40866", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40835", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40908", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.4088", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40896", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40853", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40872", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40907", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40891", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40884", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41763", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29550" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186111", "reference_id": "2186111", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186111" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1720594%2C1812498%2C1814217%2C1818357%2C1751945%2C1818762%2C1819493%2C1820389%2C1820602%2C1821448%2C1822413%2C1824828", "reference_id": "buglist.cgi?bug_id=1720594%2C1812498%2C1814217%2C1818357%2C1751945%2C1818762%2C1819493%2C1820389%2C1820602%2C1821448%2C1822413%2C1824828", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-10T19:20:01Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1720594%2C1812498%2C1814217%2C1818357%2C1751945%2C1818762%2C1819493%2C1820389%2C1820602%2C1821448%2C1822413%2C1824828" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-13/", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-10T19:20:01Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14", "reference_id": "mfsa2023-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-14/", "reference_id": "mfsa2023-14", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-10T19:20:01Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15", "reference_id": "mfsa2023-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-15/", "reference_id": "mfsa2023-15", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-10T19:20:01Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-15/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1785", "reference_id": "RHSA-2023:1785", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1785" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1786", "reference_id": "RHSA-2023:1786", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1786" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1787", "reference_id": "RHSA-2023:1787", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1787" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1788", "reference_id": "RHSA-2023:1788", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1788" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1789", "reference_id": "RHSA-2023:1789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1790", "reference_id": "RHSA-2023:1790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1791", "reference_id": "RHSA-2023:1791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1792", "reference_id": "RHSA-2023:1792", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1792" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1802", "reference_id": "RHSA-2023:1802", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1802" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1803", "reference_id": "RHSA-2023:1803", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1803" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1804", "reference_id": "RHSA-2023:1804", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1804" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1805", "reference_id": "RHSA-2023:1805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1806", "reference_id": "RHSA-2023:1806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1809", "reference_id": "RHSA-2023:1809", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1809" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1810", "reference_id": "RHSA-2023:1810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1810" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1811", "reference_id": "RHSA-2023:1811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1811" }, { "reference_url": "https://usn.ubuntu.com/6010-1/", "reference_id": "USN-6010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6010-1/" }, { "reference_url": "https://usn.ubuntu.com/6015-1/", "reference_id": "USN-6015-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6015-1/" }, { "reference_url": "https://usn.ubuntu.com/6120-1/", "reference_id": "USN-6120-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6120-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/73547?format=api", "purl": "pkg:ebuild/mail-client/thunderbird-bin@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@102.10.0" } ], "aliases": [ "CVE-2023-29550" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7b8k-mgs3-cud5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33962?format=api", "vulnerability_id": "VCID-9e85-bdkj-zyf3", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25751.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25751.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25751", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.30093", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.30193", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.30228", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.30232", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.30189", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.30142", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.30157", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.30138", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.30269", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.30319", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.30133", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28162", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28162" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28164", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28164" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28176", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28176" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178458", "reference_id": "2178458", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178458" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-09", "reference_id": "mfsa2023-09", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-09" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-09/", "reference_id": "mfsa2023-09", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:09:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-09/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10", "reference_id": "mfsa2023-10", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-10/", "reference_id": "mfsa2023-10", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:09:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-10/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11", "reference_id": "mfsa2023-11", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-11/", "reference_id": "mfsa2023-11", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:09:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-11/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1333", "reference_id": "RHSA-2023:1333", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1333" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1336", "reference_id": "RHSA-2023:1336", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1336" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1337", "reference_id": "RHSA-2023:1337", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1337" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1364", "reference_id": "RHSA-2023:1364", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1364" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1367", "reference_id": "RHSA-2023:1367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1401", "reference_id": "RHSA-2023:1401", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1401" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1402", "reference_id": "RHSA-2023:1402", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1402" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1403", "reference_id": "RHSA-2023:1403", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1403" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1404", "reference_id": "RHSA-2023:1404", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1404" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1407", "reference_id": "RHSA-2023:1407", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1407" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1442", "reference_id": "RHSA-2023:1442", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1442" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1443", "reference_id": "RHSA-2023:1443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1443" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1444", "reference_id": "RHSA-2023:1444", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1444" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1445", "reference_id": "RHSA-2023:1445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1472", "reference_id": "RHSA-2023:1472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1479", "reference_id": "RHSA-2023:1479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1479" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1814899", "reference_id": "show_bug.cgi?id=1814899", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:09:17Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1814899" }, { "reference_url": "https://usn.ubuntu.com/5954-1/", "reference_id": "USN-5954-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5954-1/" }, { "reference_url": "https://usn.ubuntu.com/5972-1/", "reference_id": "USN-5972-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5972-1/" }, { "reference_url": "https://usn.ubuntu.com/6120-1/", "reference_id": "USN-6120-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6120-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/73547?format=api", "purl": "pkg:ebuild/mail-client/thunderbird-bin@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@102.10.0" } ], "aliases": [ "CVE-2023-25751" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9e85-bdkj-zyf3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33974?format=api", "vulnerability_id": "VCID-a8gt-y9j7-zuhs", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29548.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29548.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29548", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.2861", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.3389", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33783", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33807", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33849", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33851", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33817", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33922", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33775", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33821", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29548" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186110", "reference_id": "2186110", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186110" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-13/", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T19:16:05Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14", "reference_id": "mfsa2023-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-14/", "reference_id": "mfsa2023-14", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T19:16:05Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15", "reference_id": "mfsa2023-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-15/", "reference_id": "mfsa2023-15", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T19:16:05Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-15/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1785", "reference_id": "RHSA-2023:1785", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1785" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1786", "reference_id": "RHSA-2023:1786", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1786" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1787", "reference_id": "RHSA-2023:1787", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1787" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1788", "reference_id": "RHSA-2023:1788", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1788" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1789", "reference_id": "RHSA-2023:1789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1790", "reference_id": "RHSA-2023:1790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1791", "reference_id": "RHSA-2023:1791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1792", "reference_id": "RHSA-2023:1792", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1792" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1802", "reference_id": "RHSA-2023:1802", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1802" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1803", "reference_id": "RHSA-2023:1803", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1803" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1804", "reference_id": "RHSA-2023:1804", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1804" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1805", "reference_id": "RHSA-2023:1805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1806", "reference_id": "RHSA-2023:1806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1809", "reference_id": "RHSA-2023:1809", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1809" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1810", "reference_id": "RHSA-2023:1810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1810" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1811", "reference_id": "RHSA-2023:1811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1811" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1822754", "reference_id": "show_bug.cgi?id=1822754", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T19:16:05Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1822754" }, { "reference_url": "https://usn.ubuntu.com/6010-1/", "reference_id": "USN-6010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6010-1/" }, { "reference_url": "https://usn.ubuntu.com/6015-1/", "reference_id": "USN-6015-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6015-1/" }, { "reference_url": "https://usn.ubuntu.com/6120-1/", "reference_id": "USN-6120-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6120-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/73547?format=api", "purl": "pkg:ebuild/mail-client/thunderbird-bin@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@102.10.0" } ], "aliases": [ "CVE-2023-29548" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a8gt-y9j7-zuhs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33968?format=api", "vulnerability_id": "VCID-ag5p-n7es-v7gh", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28176.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28176.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28176", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36354", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.3641", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36493", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36427", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36386", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36408", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36443", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36435", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36415", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36527", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36365", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28176" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28162", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28162" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28164", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28164" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28176", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28176" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178472", "reference_id": "2178472", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178472" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1808352%2C1811637%2C1815904%2C1817442%2C1818674", "reference_id": "buglist.cgi?bug_id=1808352%2C1811637%2C1815904%2C1817442%2C1818674", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T20:25:03Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1808352%2C1811637%2C1815904%2C1817442%2C1818674" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-09", "reference_id": "mfsa2023-09", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-09" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-09/", "reference_id": "mfsa2023-09", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T20:25:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-09/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10", "reference_id": "mfsa2023-10", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-10/", "reference_id": "mfsa2023-10", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T20:25:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-10/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11", "reference_id": "mfsa2023-11", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-11/", "reference_id": "mfsa2023-11", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T20:25:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-11/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1333", "reference_id": "RHSA-2023:1333", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1333" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1336", "reference_id": "RHSA-2023:1336", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1336" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1337", "reference_id": "RHSA-2023:1337", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1337" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1364", "reference_id": "RHSA-2023:1364", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1364" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1367", "reference_id": "RHSA-2023:1367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1401", "reference_id": "RHSA-2023:1401", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1401" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1402", "reference_id": "RHSA-2023:1402", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1402" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1403", "reference_id": "RHSA-2023:1403", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1403" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1404", "reference_id": "RHSA-2023:1404", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1404" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1407", "reference_id": "RHSA-2023:1407", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1407" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1442", "reference_id": "RHSA-2023:1442", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1442" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1443", "reference_id": "RHSA-2023:1443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1443" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1444", "reference_id": "RHSA-2023:1444", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1444" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1445", "reference_id": "RHSA-2023:1445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1472", "reference_id": "RHSA-2023:1472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1479", "reference_id": "RHSA-2023:1479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1479" }, { "reference_url": "https://usn.ubuntu.com/5954-1/", "reference_id": "USN-5954-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5954-1/" }, { "reference_url": "https://usn.ubuntu.com/5972-1/", "reference_id": "USN-5972-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5972-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/73547?format=api", "purl": "pkg:ebuild/mail-client/thunderbird-bin@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@102.10.0" } ], "aliases": [ "CVE-2023-28176" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ag5p-n7es-v7gh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33941?format=api", "vulnerability_id": "VCID-ajzf-jj8y-3ue3", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25729.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25729.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25729", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31517", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31549", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31667", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31572", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31538", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31574", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31616", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31612", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31582", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31711", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.3153", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25729" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170382", "reference_id": "2170382", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170382" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-05/", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-10T17:35:34Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-06/", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-10T17:35:34Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-06/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-07/", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-10T17:35:34Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-07/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0805", "reference_id": "RHSA-2023:0805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0806", "reference_id": "RHSA-2023:0806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0807", "reference_id": "RHSA-2023:0807", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0807" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0808", "reference_id": "RHSA-2023:0808", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0808" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0809", "reference_id": "RHSA-2023:0809", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0809" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0810", "reference_id": "RHSA-2023:0810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0810" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0811", "reference_id": "RHSA-2023:0811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0811" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0812", "reference_id": "RHSA-2023:0812", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0812" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0817", "reference_id": "RHSA-2023:0817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0818", "reference_id": "RHSA-2023:0818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0819", "reference_id": "RHSA-2023:0819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0820", "reference_id": "RHSA-2023:0820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0821", "reference_id": "RHSA-2023:0821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0822", "reference_id": "RHSA-2023:0822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0823", "reference_id": "RHSA-2023:0823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0824", "reference_id": "RHSA-2023:0824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0824" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1792138", "reference_id": "show_bug.cgi?id=1792138", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-10T17:35:34Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1792138" }, { "reference_url": "https://usn.ubuntu.com/5880-1/", "reference_id": "USN-5880-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5880-1/" }, { "reference_url": "https://usn.ubuntu.com/5943-1/", "reference_id": "USN-5943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5943-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/73547?format=api", "purl": "pkg:ebuild/mail-client/thunderbird-bin@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@102.10.0" } ], "aliases": [ "CVE-2023-25729" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ajzf-jj8y-3ue3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33972?format=api", "vulnerability_id": "VCID-as8g-vnyj-u7hk", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29539.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29539.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29539", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00209", "scoring_system": "epss", "scoring_elements": "0.43326", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00209", "scoring_system": "epss", "scoring_elements": "0.43305", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00209", "scoring_system": "epss", "scoring_elements": "0.43302", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00209", "scoring_system": "epss", "scoring_elements": "0.43273", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00209", "scoring_system": "epss", "scoring_elements": "0.43291", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00209", "scoring_system": "epss", "scoring_elements": "0.43239", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00221", "scoring_system": "epss", "scoring_elements": "0.44748", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00221", "scoring_system": "epss", "scoring_elements": "0.4477", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00221", "scoring_system": "epss", "scoring_elements": "0.44772", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00221", "scoring_system": "epss", "scoring_elements": "0.44825", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00221", "scoring_system": "epss", "scoring_elements": "0.44818", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186105", "reference_id": "2186105", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186105" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-13/", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T15:43:44Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14", "reference_id": "mfsa2023-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-14/", "reference_id": "mfsa2023-14", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T15:43:44Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15", "reference_id": "mfsa2023-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-15/", "reference_id": "mfsa2023-15", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T15:43:44Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-15/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1785", "reference_id": "RHSA-2023:1785", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1785" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1786", "reference_id": "RHSA-2023:1786", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1786" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1787", "reference_id": "RHSA-2023:1787", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1787" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1788", "reference_id": "RHSA-2023:1788", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1788" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1789", "reference_id": "RHSA-2023:1789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1790", "reference_id": "RHSA-2023:1790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1791", "reference_id": "RHSA-2023:1791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1792", "reference_id": "RHSA-2023:1792", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1792" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1802", "reference_id": "RHSA-2023:1802", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1802" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1803", "reference_id": "RHSA-2023:1803", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1803" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1804", "reference_id": "RHSA-2023:1804", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1804" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1805", "reference_id": "RHSA-2023:1805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1806", "reference_id": "RHSA-2023:1806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1809", "reference_id": "RHSA-2023:1809", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1809" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1810", "reference_id": "RHSA-2023:1810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1810" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1811", "reference_id": "RHSA-2023:1811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1811" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1784348", "reference_id": "show_bug.cgi?id=1784348", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T15:43:44Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1784348" }, { "reference_url": "https://usn.ubuntu.com/6010-1/", "reference_id": "USN-6010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6010-1/" }, { "reference_url": "https://usn.ubuntu.com/6015-1/", "reference_id": "USN-6015-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6015-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/73547?format=api", "purl": "pkg:ebuild/mail-client/thunderbird-bin@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@102.10.0" } ], "aliases": [ "CVE-2023-29539" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-as8g-vnyj-u7hk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33960?format=api", "vulnerability_id": "VCID-aufc-f7tk-h7hj", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25746.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25746.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25746", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34846", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34852", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34897", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34925", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34929", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34893", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.3487", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34908", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34891", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34945", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34971", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25746" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170402", "reference_id": "2170402", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170402" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1544127%2C1762368", "reference_id": "buglist.cgi?bug_id=1544127%2C1762368", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T19:10:21Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1544127%2C1762368" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-06/", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T19:10:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-06/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-07/", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T19:10:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-07/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0805", "reference_id": "RHSA-2023:0805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0806", "reference_id": "RHSA-2023:0806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0807", "reference_id": "RHSA-2023:0807", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0807" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0808", "reference_id": "RHSA-2023:0808", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0808" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0809", "reference_id": "RHSA-2023:0809", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0809" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0810", "reference_id": "RHSA-2023:0810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0810" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0811", "reference_id": "RHSA-2023:0811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0811" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0812", "reference_id": "RHSA-2023:0812", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0812" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0817", "reference_id": "RHSA-2023:0817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0818", "reference_id": "RHSA-2023:0818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0819", "reference_id": "RHSA-2023:0819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0820", "reference_id": "RHSA-2023:0820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0821", "reference_id": "RHSA-2023:0821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0822", "reference_id": "RHSA-2023:0822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0823", "reference_id": "RHSA-2023:0823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0824", "reference_id": "RHSA-2023:0824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0824" }, { "reference_url": "https://usn.ubuntu.com/5943-1/", "reference_id": "USN-5943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5943-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/73547?format=api", "purl": "pkg:ebuild/mail-client/thunderbird-bin@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@102.10.0" } ], "aliases": [ "CVE-2023-25746" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-aufc-f7tk-h7hj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33973?format=api", "vulnerability_id": "VCID-bc7q-srps-sfd7", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29541.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29541.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29541", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.002", "scoring_system": "epss", "scoring_elements": "0.42108", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.002", "scoring_system": "epss", "scoring_elements": "0.42033", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.002", "scoring_system": "epss", "scoring_elements": "0.42095", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.002", "scoring_system": "epss", "scoring_elements": "0.42068", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.002", "scoring_system": "epss", "scoring_elements": "0.42057", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.002", "scoring_system": "epss", "scoring_elements": "0.42082", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.002", "scoring_system": "epss", "scoring_elements": "0.4212", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.002", "scoring_system": "epss", "scoring_elements": "0.42097", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.002", "scoring_system": "epss", "scoring_elements": "0.42085", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.43146", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186106", "reference_id": "2186106", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186106" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-13/", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T19:08:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14", "reference_id": "mfsa2023-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-14/", "reference_id": "mfsa2023-14", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T19:08:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15", "reference_id": "mfsa2023-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-15/", "reference_id": "mfsa2023-15", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T19:08:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-15/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1785", "reference_id": "RHSA-2023:1785", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1785" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1786", "reference_id": "RHSA-2023:1786", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1786" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1787", "reference_id": "RHSA-2023:1787", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1787" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1788", "reference_id": "RHSA-2023:1788", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1788" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1789", "reference_id": "RHSA-2023:1789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1790", "reference_id": "RHSA-2023:1790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1791", "reference_id": "RHSA-2023:1791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1792", "reference_id": "RHSA-2023:1792", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1792" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1802", "reference_id": "RHSA-2023:1802", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1802" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1803", "reference_id": "RHSA-2023:1803", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1803" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1804", "reference_id": "RHSA-2023:1804", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1804" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1805", "reference_id": "RHSA-2023:1805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1806", "reference_id": "RHSA-2023:1806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1809", "reference_id": "RHSA-2023:1809", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1809" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1810", "reference_id": "RHSA-2023:1810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1810" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1811", "reference_id": "RHSA-2023:1811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1811" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1810191", "reference_id": "show_bug.cgi?id=1810191", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T19:08:52Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1810191" }, { "reference_url": "https://usn.ubuntu.com/6010-1/", "reference_id": "USN-6010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6010-1/" }, { "reference_url": "https://usn.ubuntu.com/6015-1/", "reference_id": "USN-6015-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6015-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/73547?format=api", "purl": "pkg:ebuild/mail-client/thunderbird-bin@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@102.10.0" } ], "aliases": [ "CVE-2023-29541" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bc7q-srps-sfd7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33937?format=api", "vulnerability_id": "VCID-cgvg-aj53-kkbp", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0767.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0767.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-0767", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48125", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50528", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50448", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50485", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.505", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50523", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50533", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50484", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.5043", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50477", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0027", "scoring_system": "epss", "scoring_elements": "0.50481", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-0767" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170377", "reference_id": "2170377", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170377" }, { "reference_url": "https://alas.aws.amazon.com/AL2/ALAS-2023-1992.html", "reference_id": "ALAS-2023-1992.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:56Z/" } ], "url": "https://alas.aws.amazon.com/AL2/ALAS-2023-1992.html" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-05/", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-06/", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-06/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-07/", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-07/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1252", "reference_id": "RHSA-2023:1252", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1252" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1332", "reference_id": "RHSA-2023:1332", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1332" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1365", "reference_id": "RHSA-2023:1365", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1365" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1366", "reference_id": "RHSA-2023:1366", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1366" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1368", "reference_id": "RHSA-2023:1368", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1368" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1369", "reference_id": "RHSA-2023:1369", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1369" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1370", "reference_id": "RHSA-2023:1370", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1370" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1406", "reference_id": "RHSA-2023:1406", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1406" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1436", "reference_id": "RHSA-2023:1436", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1436" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1442", "reference_id": "RHSA-2023:1442", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1442" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1443", "reference_id": "RHSA-2023:1443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1443" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1444", "reference_id": "RHSA-2023:1444", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1444" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1445", "reference_id": "RHSA-2023:1445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1472", "reference_id": "RHSA-2023:1472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1479", "reference_id": "RHSA-2023:1479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1677", "reference_id": "RHSA-2023:1677", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1677" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1804640", "reference_id": "show_bug.cgi?id=1804640", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:56Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1804640" }, { "reference_url": "https://usn.ubuntu.com/5880-1/", "reference_id": "USN-5880-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5880-1/" }, { "reference_url": "https://usn.ubuntu.com/5892-1/", "reference_id": "USN-5892-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5892-1/" }, { "reference_url": "https://usn.ubuntu.com/5892-2/", "reference_id": "USN-5892-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5892-2/" }, { "reference_url": "https://usn.ubuntu.com/5943-1/", "reference_id": "USN-5943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5943-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/73547?format=api", "purl": "pkg:ebuild/mail-client/thunderbird-bin@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@102.10.0" } ], "aliases": [ "CVE-2023-0767" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cgvg-aj53-kkbp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33949?format=api", "vulnerability_id": "VCID-dveb-sthz-bkgu", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25738.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25738.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25738", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37145", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37201", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37303", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37218", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37172", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37199", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37233", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37223", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37208", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37329", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37156", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25738" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170380", "reference_id": "2170380", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170380" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-05/", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T20:08:20Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-06/", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T20:08:20Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-06/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-07/", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T20:08:20Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-07/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1811852", "reference_id": "show_bug.cgi?id=1811852", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T20:08:20Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1811852" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/73547?format=api", "purl": "pkg:ebuild/mail-client/thunderbird-bin@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@102.10.0" } ], "aliases": [ "CVE-2023-25738" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dveb-sthz-bkgu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33958?format=api", "vulnerability_id": "VCID-ez4g-384r-vueu", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25745.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25745.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25745", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50277", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50311", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50328", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50303", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50291", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50336", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50337", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50307", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50255", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.50308", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00268", "scoring_system": "epss", "scoring_elements": "0.503", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25745" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170392", "reference_id": "2170392", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170392" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1688592%2C1797186%2C1804998%2C1806521%2C1813284", "reference_id": "buglist.cgi?bug_id=1688592%2C1797186%2C1804998%2C1806521%2C1813284", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T19:44:37Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1688592%2C1797186%2C1804998%2C1806521%2C1813284" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-05/", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T19:44:37Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-05/" }, { "reference_url": "https://usn.ubuntu.com/5880-1/", "reference_id": "USN-5880-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5880-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/73547?format=api", "purl": "pkg:ebuild/mail-client/thunderbird-bin@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@102.10.0" } ], "aliases": [ "CVE-2023-25745" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ez4g-384r-vueu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16959?format=api", "vulnerability_id": "VCID-fs3v-8fsn-uygj", "summary": "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')\nmatrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. In versions prior to 24.0.0 events sent with special strings in key places can temporarily disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the consumer's ability to process data safely. Note that the matrix-js-sdk can appear to be operating normally but be excluding or corrupting runtime data presented to the consumer. This vulnerability is distinct from GHSA-rfv9-x7hh-xc32 which covers a similar issue. The issue has been patched in matrix-js-sdk 24.0.0 and users are advised to upgrade. There are no known workarounds for this vulnerability.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28427.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28427.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28427", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00247", "scoring_system": "epss", "scoring_elements": "0.47954", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00359", "scoring_system": "epss", "scoring_elements": "0.58065", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00359", "scoring_system": "epss", "scoring_elements": "0.58061", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00359", "scoring_system": "epss", "scoring_elements": "0.58086", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00359", "scoring_system": "epss", "scoring_elements": "0.58092", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00359", "scoring_system": "epss", "scoring_elements": "0.58112", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00359", "scoring_system": "epss", "scoring_elements": "0.58135", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00359", "scoring_system": "epss", "scoring_elements": "0.58119", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00359", "scoring_system": "epss", "scoring_elements": "0.58116", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00435", "scoring_system": "epss", "scoring_elements": "0.62906", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00435", "scoring_system": "epss", "scoring_elements": "0.62913", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28427" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/matrix-org/matrix-js-sdk", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/matrix-org/matrix-js-sdk" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00027.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-18T20:03:37Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00027.html" }, { "reference_url": "https://matrix.org/blog/2023/03/28/security-releases-matrix-js-sdk-24-0-0-and-matrix-react-sdk-3-69-0", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-18T20:03:37Z/" } ], "url": "https://matrix.org/blog/2023/03/28/security-releases-matrix-js-sdk-24-0-0-and-matrix-react-sdk-3-69-0" }, { "reference_url": "https://security.gentoo.org/glsa/202305-36", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-18T20:03:37Z/" } ], "url": "https://security.gentoo.org/glsa/202305-36" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5392", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-18T20:03:37Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5392" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033621", "reference_id": "1033621", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033621" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2183278", "reference_id": "2183278", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2183278" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28427", "reference_id": "CVE-2023-28427", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28427" }, { "reference_url": "https://github.com/advisories/GHSA-mwq8-fjpf-c2gr", "reference_id": "GHSA-mwq8-fjpf-c2gr", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-mwq8-fjpf-c2gr" }, { "reference_url": "https://github.com/matrix-org/matrix-js-sdk/security/advisories/GHSA-mwq8-fjpf-c2gr", "reference_id": "GHSA-mwq8-fjpf-c2gr", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-18T20:03:37Z/" } ], "url": "https://github.com/matrix-org/matrix-js-sdk/security/advisories/GHSA-mwq8-fjpf-c2gr" }, { "reference_url": "https://github.com/matrix-org/matrix-js-sdk/security/advisories/GHSA-rfv9-x7hh-xc32", "reference_id": "GHSA-rfv9-x7hh-xc32", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/matrix-org/matrix-js-sdk/security/advisories/GHSA-rfv9-x7hh-xc32" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-12", "reference_id": "mfsa2023-12", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-12" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1802", "reference_id": "RHSA-2023:1802", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1802" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1803", "reference_id": "RHSA-2023:1803", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1803" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1804", "reference_id": "RHSA-2023:1804", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1804" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1805", "reference_id": "RHSA-2023:1805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1806", "reference_id": "RHSA-2023:1806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1809", "reference_id": "RHSA-2023:1809", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1809" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1810", "reference_id": "RHSA-2023:1810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1810" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1811", "reference_id": "RHSA-2023:1811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1811" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/73547?format=api", "purl": "pkg:ebuild/mail-client/thunderbird-bin@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@102.10.0" } ], "aliases": [ "CVE-2023-28427", "GHSA-mwq8-fjpf-c2gr" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fs3v-8fsn-uygj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33954?format=api", "vulnerability_id": "VCID-g1af-pkh5-xygt", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25742.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25742.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25742", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28567", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28672", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28712", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28714", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28669", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28622", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28641", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28616", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28752", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.288", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28607", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170390", "reference_id": "2170390", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170390" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-05/", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:15:37Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-06/", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:15:37Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-06/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-07/", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:15:37Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-07/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0805", "reference_id": "RHSA-2023:0805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0806", "reference_id": "RHSA-2023:0806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0807", "reference_id": "RHSA-2023:0807", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0807" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0808", "reference_id": "RHSA-2023:0808", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0808" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0809", "reference_id": "RHSA-2023:0809", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0809" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0810", "reference_id": "RHSA-2023:0810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0810" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0811", "reference_id": "RHSA-2023:0811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0811" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0812", "reference_id": "RHSA-2023:0812", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0812" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0817", "reference_id": "RHSA-2023:0817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0818", "reference_id": "RHSA-2023:0818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0819", "reference_id": "RHSA-2023:0819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0820", "reference_id": "RHSA-2023:0820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0821", "reference_id": "RHSA-2023:0821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0822", "reference_id": "RHSA-2023:0822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0823", "reference_id": "RHSA-2023:0823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0824", "reference_id": "RHSA-2023:0824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0824" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1813424", "reference_id": "show_bug.cgi?id=1813424", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:15:37Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1813424" }, { "reference_url": "https://usn.ubuntu.com/5880-1/", "reference_id": "USN-5880-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5880-1/" }, { "reference_url": "https://usn.ubuntu.com/5943-1/", "reference_id": "USN-5943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5943-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/73547?format=api", "purl": "pkg:ebuild/mail-client/thunderbird-bin@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@102.10.0" } ], "aliases": [ "CVE-2023-25742" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g1af-pkh5-xygt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33953?format=api", "vulnerability_id": "VCID-jvup-17w9-9yf1", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25741.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25741.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25741", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00199", "scoring_system": "epss", "scoring_elements": "0.41897", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00199", "scoring_system": "epss", "scoring_elements": "0.41958", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00199", "scoring_system": "epss", "scoring_elements": "0.41986", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00199", "scoring_system": "epss", "scoring_elements": "0.41912", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00199", "scoring_system": "epss", "scoring_elements": "0.41962", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00199", "scoring_system": "epss", "scoring_elements": "0.41974", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00199", "scoring_system": "epss", "scoring_elements": "0.41997", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00199", "scoring_system": "epss", "scoring_elements": "0.41959", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00199", "scoring_system": "epss", "scoring_elements": "0.41945", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00199", "scoring_system": "epss", "scoring_elements": "0.41994", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00199", "scoring_system": "epss", "scoring_elements": "0.41967", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25741" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170389", "reference_id": "2170389", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170389" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-05/", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T19:58:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-05/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1437126", "reference_id": "show_bug.cgi?id=1437126", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T19:58:39Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1437126" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1812611", "reference_id": "show_bug.cgi?id=1812611", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T19:58:39Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1812611" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1813376", "reference_id": "show_bug.cgi?id=1813376", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T19:58:39Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1813376" }, { "reference_url": "https://usn.ubuntu.com/5880-1/", "reference_id": "USN-5880-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5880-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/73547?format=api", "purl": "pkg:ebuild/mail-client/thunderbird-bin@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@102.10.0" } ], "aliases": [ "CVE-2023-25741" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jvup-17w9-9yf1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33967?format=api", "vulnerability_id": "VCID-krq5-4j17-vfg9", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28164.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28164.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28164", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24573", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24596", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24746", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24606", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24593", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.2465", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24691", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24676", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24629", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24785", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24557", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28164" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28162", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28162" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28164", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28164" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28176", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28176" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178470", "reference_id": "2178470", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178470" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-09", "reference_id": "mfsa2023-09", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-09" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-09/", "reference_id": "mfsa2023-09", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T14:58:40Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-09/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10", "reference_id": "mfsa2023-10", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-10/", "reference_id": "mfsa2023-10", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T14:58:40Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-10/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11", "reference_id": "mfsa2023-11", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-11/", "reference_id": "mfsa2023-11", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T14:58:40Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-11/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1333", "reference_id": "RHSA-2023:1333", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1333" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1336", "reference_id": "RHSA-2023:1336", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1336" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1337", "reference_id": "RHSA-2023:1337", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1337" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1364", "reference_id": "RHSA-2023:1364", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1364" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1367", "reference_id": "RHSA-2023:1367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1401", "reference_id": "RHSA-2023:1401", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1401" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1402", "reference_id": "RHSA-2023:1402", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1402" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1403", "reference_id": "RHSA-2023:1403", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1403" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1404", "reference_id": "RHSA-2023:1404", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1404" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1407", "reference_id": "RHSA-2023:1407", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1407" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1442", "reference_id": "RHSA-2023:1442", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1442" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1443", "reference_id": "RHSA-2023:1443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1443" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1444", "reference_id": "RHSA-2023:1444", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1444" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1445", "reference_id": "RHSA-2023:1445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1472", "reference_id": "RHSA-2023:1472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1479", "reference_id": "RHSA-2023:1479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1479" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1809122", "reference_id": "show_bug.cgi?id=1809122", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T14:58:40Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1809122" }, { "reference_url": "https://usn.ubuntu.com/5954-1/", "reference_id": "USN-5954-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5954-1/" }, { "reference_url": "https://usn.ubuntu.com/5972-1/", "reference_id": "USN-5972-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5972-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/73547?format=api", "purl": "pkg:ebuild/mail-client/thunderbird-bin@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@102.10.0" } ], "aliases": [ "CVE-2023-28164" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-krq5-4j17-vfg9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33942?format=api", "vulnerability_id": "VCID-m26q-fgjn-yugu", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25730.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25730.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25730", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27843", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27904", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.28049", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27895", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27954", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27997", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27994", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27953", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.28091", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27886", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25730" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170375", "reference_id": "2170375", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170375" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-05/", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T17:32:33Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-06/", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T17:32:33Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-06/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-07/", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T17:32:33Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-07/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0805", "reference_id": "RHSA-2023:0805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0806", "reference_id": "RHSA-2023:0806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0807", "reference_id": "RHSA-2023:0807", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0807" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0808", "reference_id": "RHSA-2023:0808", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0808" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0809", "reference_id": "RHSA-2023:0809", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0809" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0810", "reference_id": "RHSA-2023:0810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0810" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0811", "reference_id": "RHSA-2023:0811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0811" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0812", "reference_id": "RHSA-2023:0812", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0812" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0817", "reference_id": "RHSA-2023:0817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0818", "reference_id": "RHSA-2023:0818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0819", "reference_id": "RHSA-2023:0819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0820", "reference_id": "RHSA-2023:0820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0821", "reference_id": "RHSA-2023:0821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0822", "reference_id": "RHSA-2023:0822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0823", "reference_id": "RHSA-2023:0823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0824", "reference_id": "RHSA-2023:0824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0824" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1794622", "reference_id": "show_bug.cgi?id=1794622", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T17:32:33Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1794622" }, { "reference_url": "https://usn.ubuntu.com/5880-1/", "reference_id": "USN-5880-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5880-1/" }, { "reference_url": "https://usn.ubuntu.com/5943-1/", "reference_id": "USN-5943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5943-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/73547?format=api", "purl": "pkg:ebuild/mail-client/thunderbird-bin@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@102.10.0" } ], "aliases": [ "CVE-2023-25730" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m26q-fgjn-yugu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33957?format=api", "vulnerability_id": "VCID-mc6m-8uzs-pkgu", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25744.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25744.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25744", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34846", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34929", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34893", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.3487", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34908", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34891", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34945", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34971", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34852", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34897", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34925", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170391", "reference_id": "2170391", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170391" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1789449%2C1803628%2C1810536", "reference_id": "buglist.cgi?bug_id=1789449%2C1803628%2C1810536", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:10:45Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1789449%2C1803628%2C1810536" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-05/", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:10:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-06/", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:10:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-06/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0805", "reference_id": "RHSA-2023:0805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0806", "reference_id": "RHSA-2023:0806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0807", "reference_id": "RHSA-2023:0807", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0807" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0808", "reference_id": "RHSA-2023:0808", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0808" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0809", "reference_id": "RHSA-2023:0809", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0809" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0810", "reference_id": "RHSA-2023:0810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0810" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0811", "reference_id": "RHSA-2023:0811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0811" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0812", "reference_id": "RHSA-2023:0812", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0812" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0817", "reference_id": "RHSA-2023:0817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0818", "reference_id": "RHSA-2023:0818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0819", "reference_id": "RHSA-2023:0819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0820", "reference_id": "RHSA-2023:0820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0821", "reference_id": "RHSA-2023:0821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0822", "reference_id": "RHSA-2023:0822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0823", "reference_id": "RHSA-2023:0823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0824", "reference_id": "RHSA-2023:0824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0824" }, { "reference_url": "https://usn.ubuntu.com/5880-1/", "reference_id": "USN-5880-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5880-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/73547?format=api", "purl": "pkg:ebuild/mail-client/thunderbird-bin@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@102.10.0" } ], "aliases": [ "CVE-2023-25744" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mc6m-8uzs-pkgu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33966?format=api", "vulnerability_id": "VCID-mp4n-ez8p-63ek", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28163.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28163.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28163", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00246", "scoring_system": "epss", "scoring_elements": "0.47933", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00246", "scoring_system": "epss", "scoring_elements": "0.47978", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00246", "scoring_system": "epss", "scoring_elements": "0.47901", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00246", "scoring_system": "epss", "scoring_elements": "0.47984", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00246", "scoring_system": "epss", "scoring_elements": "0.47929", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00246", "scoring_system": "epss", "scoring_elements": "0.4792", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00246", "scoring_system": "epss", "scoring_elements": "0.47942", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00246", "scoring_system": "epss", "scoring_elements": "0.47918", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00246", "scoring_system": "epss", "scoring_elements": "0.47923", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00246", "scoring_system": "epss", "scoring_elements": "0.47871", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28163" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178468", "reference_id": "2178468", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178468" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-09", "reference_id": "mfsa2023-09", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-09" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-09/", "reference_id": "mfsa2023-09", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:17:13Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-09/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10", "reference_id": "mfsa2023-10", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-10/", "reference_id": "mfsa2023-10", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:17:13Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-10/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11", "reference_id": "mfsa2023-11", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-11/", "reference_id": "mfsa2023-11", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:17:13Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-11/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1817768", "reference_id": "show_bug.cgi?id=1817768", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:17:13Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1817768" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/73547?format=api", "purl": "pkg:ebuild/mail-client/thunderbird-bin@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@102.10.0" } ], "aliases": [ "CVE-2023-28163" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mp4n-ez8p-63ek" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33952?format=api", "vulnerability_id": "VCID-mvg3-6cbk-xyb6", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25740.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25740.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25740", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00247", "scoring_system": "epss", "scoring_elements": "0.47943", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00247", "scoring_system": "epss", "scoring_elements": "0.47976", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00247", "scoring_system": "epss", "scoring_elements": "0.47984", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00247", "scoring_system": "epss", "scoring_elements": "0.47961", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00247", "scoring_system": "epss", "scoring_elements": "0.47972", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00247", "scoring_system": "epss", "scoring_elements": "0.48025", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00247", "scoring_system": "epss", "scoring_elements": "0.4802", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00247", "scoring_system": "epss", "scoring_elements": "0.47964", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00247", "scoring_system": "epss", "scoring_elements": "0.47913", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00247", "scoring_system": "epss", "scoring_elements": "0.47965", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00247", "scoring_system": "epss", "scoring_elements": "0.4796", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25740" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170385", "reference_id": "2170385", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170385" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-05/", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:02:01Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-05/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1812354", "reference_id": "show_bug.cgi?id=1812354", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:02:01Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1812354" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/73547?format=api", "purl": "pkg:ebuild/mail-client/thunderbird-bin@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@102.10.0" } ], "aliases": [ "CVE-2023-25740" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mvg3-6cbk-xyb6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33936?format=api", "vulnerability_id": "VCID-q17c-5xdn-uqcf", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0616.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0616.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-0616", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29683", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29508", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29653", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29656", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29611", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.2956", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29579", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29733", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29553", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29616", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-0616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2171397", "reference_id": "2171397", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2171397" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-07/", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T18:18:39Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-07/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0817", "reference_id": "RHSA-2023:0817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0818", "reference_id": "RHSA-2023:0818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0819", "reference_id": "RHSA-2023:0819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0820", "reference_id": "RHSA-2023:0820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0821", "reference_id": "RHSA-2023:0821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0822", "reference_id": "RHSA-2023:0822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0823", "reference_id": "RHSA-2023:0823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0824", "reference_id": "RHSA-2023:0824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0824" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1806507", "reference_id": "show_bug.cgi?id=1806507", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T18:18:39Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1806507" }, { "reference_url": "https://usn.ubuntu.com/5943-1/", "reference_id": "USN-5943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5943-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/73547?format=api", "purl": "pkg:ebuild/mail-client/thunderbird-bin@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@102.10.0" } ], "aliases": [ "CVE-2023-0616" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q17c-5xdn-uqcf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33955?format=api", "vulnerability_id": "VCID-s3kc-mhdz-nkeh", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25743.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25743.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25743", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.2464", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24463", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24534", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.2448", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24494", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24488", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24677", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.2445", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24518", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24562", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24578", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25743" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170376", "reference_id": "2170376", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170376" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-05/", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:12:53Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-05/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-06/", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:12:53Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-06/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0805", "reference_id": "RHSA-2023:0805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0806", "reference_id": "RHSA-2023:0806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0807", "reference_id": "RHSA-2023:0807", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0807" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0808", "reference_id": "RHSA-2023:0808", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0808" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0809", "reference_id": "RHSA-2023:0809", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0809" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0810", "reference_id": "RHSA-2023:0810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0810" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0811", "reference_id": "RHSA-2023:0811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0811" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0812", "reference_id": "RHSA-2023:0812", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0812" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0817", "reference_id": "RHSA-2023:0817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0818", "reference_id": "RHSA-2023:0818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0819", "reference_id": "RHSA-2023:0819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0820", "reference_id": "RHSA-2023:0820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0821", "reference_id": "RHSA-2023:0821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0822", "reference_id": "RHSA-2023:0822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0823", "reference_id": "RHSA-2023:0823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0824", "reference_id": "RHSA-2023:0824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0824" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1800203", "reference_id": "show_bug.cgi?id=1800203", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:12:53Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1800203" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/73547?format=api", "purl": "pkg:ebuild/mail-client/thunderbird-bin@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@102.10.0" } ], "aliases": [ "CVE-2023-25743" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s3kc-mhdz-nkeh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33948?format=api", "vulnerability_id": "VCID-tce3-s87t-2qh8", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25737.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25737.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25737", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.3839", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38454", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38529", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38427", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38452", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.3849", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38474", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38467", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38554", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38417", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170379", "reference_id": "2170379", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170379" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-05/", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:10:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-06/", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:10:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-06/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-07/", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:10:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-07/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0805", "reference_id": "RHSA-2023:0805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0806", "reference_id": "RHSA-2023:0806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0807", "reference_id": "RHSA-2023:0807", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0807" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0808", "reference_id": "RHSA-2023:0808", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0808" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0809", "reference_id": "RHSA-2023:0809", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0809" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0810", "reference_id": "RHSA-2023:0810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0810" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0811", "reference_id": "RHSA-2023:0811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0811" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0812", "reference_id": "RHSA-2023:0812", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0812" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0817", "reference_id": "RHSA-2023:0817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0818", "reference_id": "RHSA-2023:0818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0819", "reference_id": "RHSA-2023:0819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0820", "reference_id": "RHSA-2023:0820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0821", "reference_id": "RHSA-2023:0821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0822", "reference_id": "RHSA-2023:0822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0823", "reference_id": "RHSA-2023:0823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0824", "reference_id": "RHSA-2023:0824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0824" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1811464", "reference_id": "show_bug.cgi?id=1811464", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:10:49Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1811464" }, { "reference_url": "https://usn.ubuntu.com/5880-1/", "reference_id": "USN-5880-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5880-1/" }, { "reference_url": "https://usn.ubuntu.com/5943-1/", "reference_id": "USN-5943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5943-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/73547?format=api", "purl": "pkg:ebuild/mail-client/thunderbird-bin@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@102.10.0" } ], "aliases": [ "CVE-2023-25737" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tce3-s87t-2qh8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33945?format=api", "vulnerability_id": "VCID-u5n5-6h82-tqhw", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25734.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25734.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25734", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39428", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39513", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39526", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39541", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39491", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39508", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39546", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39535", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39519", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39465", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39549", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25734" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170384", "reference_id": "2170384", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170384" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-05/", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-06/", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-06/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-07/", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-07/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1784451", "reference_id": "show_bug.cgi?id=1784451", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:56Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1784451" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1809923", "reference_id": "show_bug.cgi?id=1809923", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:56Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1809923" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1810143", "reference_id": "show_bug.cgi?id=1810143", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:56Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1810143" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1812338", "reference_id": "show_bug.cgi?id=1812338", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:56Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1812338" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/73547?format=api", "purl": "pkg:ebuild/mail-client/thunderbird-bin@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@102.10.0" } ], "aliases": [ "CVE-2023-25734" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u5n5-6h82-tqhw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33964?format=api", "vulnerability_id": "VCID-w1cg-up6a-7ycg", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28162.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28162.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28162", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32625", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32654", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32773", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32678", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.3264", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32667", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32705", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32703", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32677", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32809", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.3263", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28162" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28162", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28162" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28164", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28164" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28176", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28176" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178466", "reference_id": "2178466", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178466" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-09", "reference_id": "mfsa2023-09", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-09" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-09/", "reference_id": "mfsa2023-09", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T15:25:38Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-09/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10", "reference_id": "mfsa2023-10", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-10/", "reference_id": "mfsa2023-10", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T15:25:38Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-10/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11", "reference_id": "mfsa2023-11", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-11/", "reference_id": "mfsa2023-11", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T15:25:38Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-11/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1333", "reference_id": "RHSA-2023:1333", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1333" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1336", "reference_id": "RHSA-2023:1336", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1336" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1337", "reference_id": "RHSA-2023:1337", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1337" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1364", "reference_id": "RHSA-2023:1364", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1364" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1367", "reference_id": "RHSA-2023:1367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1401", "reference_id": "RHSA-2023:1401", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1401" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1402", "reference_id": "RHSA-2023:1402", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1402" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1403", "reference_id": "RHSA-2023:1403", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1403" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1404", "reference_id": "RHSA-2023:1404", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1404" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1407", "reference_id": "RHSA-2023:1407", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1407" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1442", "reference_id": "RHSA-2023:1442", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1442" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1443", "reference_id": "RHSA-2023:1443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1443" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1444", "reference_id": "RHSA-2023:1444", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1444" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1445", "reference_id": "RHSA-2023:1445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1472", "reference_id": "RHSA-2023:1472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1479", "reference_id": "RHSA-2023:1479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1479" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1811327", "reference_id": "show_bug.cgi?id=1811327", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T15:25:38Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1811327" }, { "reference_url": "https://usn.ubuntu.com/5954-1/", "reference_id": "USN-5954-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5954-1/" }, { "reference_url": "https://usn.ubuntu.com/5972-1/", "reference_id": "USN-5972-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5972-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/73547?format=api", "purl": "pkg:ebuild/mail-client/thunderbird-bin@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@102.10.0" } ], "aliases": [ "CVE-2023-28162" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w1cg-up6a-7ycg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33950?format=api", "vulnerability_id": "VCID-w2xw-eupp-cqgf", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25739.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25739.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25739", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.43146", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.43212", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.43159", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.43222", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.43163", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.43178", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.43211", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.4319", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.43177", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.43187", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.43125", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25739" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170381", "reference_id": "2170381", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170381" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-05/", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:05:46Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-06/", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:05:46Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-06/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-07/", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:05:46Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-07/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0805", "reference_id": "RHSA-2023:0805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0806", "reference_id": "RHSA-2023:0806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0807", "reference_id": "RHSA-2023:0807", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0807" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0808", "reference_id": "RHSA-2023:0808", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0808" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0809", "reference_id": "RHSA-2023:0809", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0809" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0810", "reference_id": "RHSA-2023:0810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0810" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0811", "reference_id": "RHSA-2023:0811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0811" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0812", "reference_id": "RHSA-2023:0812", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0812" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0817", "reference_id": "RHSA-2023:0817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0818", "reference_id": "RHSA-2023:0818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0819", "reference_id": "RHSA-2023:0819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0820", "reference_id": "RHSA-2023:0820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0821", "reference_id": "RHSA-2023:0821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0822", "reference_id": "RHSA-2023:0822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0823", "reference_id": "RHSA-2023:0823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0824", "reference_id": "RHSA-2023:0824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0824" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1811939", "reference_id": "show_bug.cgi?id=1811939", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:05:46Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1811939" }, { "reference_url": "https://usn.ubuntu.com/5880-1/", "reference_id": "USN-5880-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5880-1/" }, { "reference_url": "https://usn.ubuntu.com/5943-1/", "reference_id": "USN-5943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5943-1/" }, { "reference_url": "https://usn.ubuntu.com/6120-1/", "reference_id": "USN-6120-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6120-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/73547?format=api", "purl": "pkg:ebuild/mail-client/thunderbird-bin@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@102.10.0" } ], "aliases": [ "CVE-2023-25739" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w2xw-eupp-cqgf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33970?format=api", "vulnerability_id": "VCID-w814-2cmz-ruhz", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29535.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29535.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29535", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.56006", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.56009", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.56019", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0035", "scoring_system": "epss", "scoring_elements": "0.575", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0035", "scoring_system": "epss", "scoring_elements": "0.57525", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0035", "scoring_system": "epss", "scoring_elements": "0.57497", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0035", "scoring_system": "epss", "scoring_elements": "0.57517", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0035", "scoring_system": "epss", "scoring_elements": "0.5752", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00419", "scoring_system": "epss", "scoring_elements": "0.61885", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00419", "scoring_system": "epss", "scoring_elements": "0.61855", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00419", "scoring_system": "epss", "scoring_elements": "0.61857", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186103", "reference_id": "2186103", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186103" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-13/", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:51:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14", "reference_id": "mfsa2023-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-14/", "reference_id": "mfsa2023-14", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:51:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15", "reference_id": "mfsa2023-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-15/", "reference_id": "mfsa2023-15", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:51:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-15/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1785", "reference_id": "RHSA-2023:1785", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1785" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1786", "reference_id": "RHSA-2023:1786", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1786" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1787", "reference_id": "RHSA-2023:1787", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1787" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1788", "reference_id": "RHSA-2023:1788", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1788" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1789", "reference_id": "RHSA-2023:1789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1790", "reference_id": "RHSA-2023:1790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1791", "reference_id": "RHSA-2023:1791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1792", "reference_id": "RHSA-2023:1792", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1792" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1802", "reference_id": "RHSA-2023:1802", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1802" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1803", "reference_id": "RHSA-2023:1803", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1803" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1804", "reference_id": "RHSA-2023:1804", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1804" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1805", "reference_id": "RHSA-2023:1805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1806", "reference_id": "RHSA-2023:1806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1809", "reference_id": "RHSA-2023:1809", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1809" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1810", "reference_id": "RHSA-2023:1810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1810" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1811", "reference_id": "RHSA-2023:1811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1811" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1820543", "reference_id": "show_bug.cgi?id=1820543", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:51:21Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1820543" }, { "reference_url": "https://usn.ubuntu.com/6010-1/", "reference_id": "USN-6010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6010-1/" }, { "reference_url": "https://usn.ubuntu.com/6015-1/", "reference_id": "USN-6015-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6015-1/" }, { "reference_url": "https://usn.ubuntu.com/6120-1/", "reference_id": "USN-6120-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6120-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/73547?format=api", "purl": "pkg:ebuild/mail-client/thunderbird-bin@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@102.10.0" } ], "aliases": [ "CVE-2023-29535" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w814-2cmz-ruhz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33963?format=api", "vulnerability_id": "VCID-wcfk-t1kd-2kgv", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25752.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25752.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25752", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28338", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28444", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28485", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28489", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28446", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28397", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28413", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.2839", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28533", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28576", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28378", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28162", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28162" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28164", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28164" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28176", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28176" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178460", "reference_id": "2178460", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178460" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-09", "reference_id": "mfsa2023-09", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-09" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-09/", "reference_id": "mfsa2023-09", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:07:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-09/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10", "reference_id": "mfsa2023-10", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-10/", "reference_id": "mfsa2023-10", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:07:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-10/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11", "reference_id": "mfsa2023-11", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-11/", "reference_id": "mfsa2023-11", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:07:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-11/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1333", "reference_id": "RHSA-2023:1333", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1333" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1336", "reference_id": "RHSA-2023:1336", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1336" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1337", "reference_id": "RHSA-2023:1337", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1337" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1364", "reference_id": "RHSA-2023:1364", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1364" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1367", "reference_id": "RHSA-2023:1367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1401", "reference_id": "RHSA-2023:1401", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1401" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1402", "reference_id": "RHSA-2023:1402", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1402" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1403", "reference_id": "RHSA-2023:1403", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1403" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1404", "reference_id": "RHSA-2023:1404", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1404" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1407", "reference_id": "RHSA-2023:1407", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1407" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1442", "reference_id": "RHSA-2023:1442", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1442" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1443", "reference_id": "RHSA-2023:1443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1443" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1444", "reference_id": "RHSA-2023:1444", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1444" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1445", "reference_id": "RHSA-2023:1445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1472", "reference_id": "RHSA-2023:1472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1479", "reference_id": "RHSA-2023:1479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1479" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1811627", "reference_id": "show_bug.cgi?id=1811627", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:07:23Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1811627" }, { "reference_url": "https://usn.ubuntu.com/5954-1/", "reference_id": "USN-5954-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5954-1/" }, { "reference_url": "https://usn.ubuntu.com/5972-1/", "reference_id": "USN-5972-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5972-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/73547?format=api", "purl": "pkg:ebuild/mail-client/thunderbird-bin@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@102.10.0" } ], "aliases": [ "CVE-2023-25752" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wcfk-t1kd-2kgv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33969?format=api", "vulnerability_id": "VCID-yhj1-h62u-mud5", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29533.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29533.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29533", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33974", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.34088", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33946", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.34058", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33987", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33952", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33976", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.34019", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33988", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34698", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29533" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186101", "reference_id": "2186101", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186101" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-13/", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:57:06Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14", "reference_id": "mfsa2023-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-14/", "reference_id": "mfsa2023-14", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:57:06Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15", "reference_id": "mfsa2023-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-15/", "reference_id": "mfsa2023-15", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:57:06Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-15/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1785", "reference_id": "RHSA-2023:1785", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1785" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1786", "reference_id": "RHSA-2023:1786", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1786" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1787", "reference_id": "RHSA-2023:1787", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1787" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1788", "reference_id": "RHSA-2023:1788", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1788" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1789", "reference_id": "RHSA-2023:1789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1790", "reference_id": "RHSA-2023:1790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1791", "reference_id": "RHSA-2023:1791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1792", "reference_id": "RHSA-2023:1792", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1792" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1802", "reference_id": "RHSA-2023:1802", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1802" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1803", "reference_id": "RHSA-2023:1803", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1803" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1804", "reference_id": "RHSA-2023:1804", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1804" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1805", "reference_id": "RHSA-2023:1805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1806", "reference_id": "RHSA-2023:1806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1809", "reference_id": "RHSA-2023:1809", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1809" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1810", "reference_id": "RHSA-2023:1810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1810" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1811", "reference_id": "RHSA-2023:1811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1811" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1798219", "reference_id": "show_bug.cgi?id=1798219", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:57:06Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1798219" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1814597", "reference_id": "show_bug.cgi?id=1814597", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:57:06Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1814597" }, { "reference_url": "https://usn.ubuntu.com/6010-1/", "reference_id": "USN-6010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6010-1/" }, { "reference_url": "https://usn.ubuntu.com/6015-1/", "reference_id": "USN-6015-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6015-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/73547?format=api", "purl": "pkg:ebuild/mail-client/thunderbird-bin@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@102.10.0" } ], "aliases": [ "CVE-2023-29533" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yhj1-h62u-mud5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33971?format=api", "vulnerability_id": "VCID-yjyu-u73t-u7bh", "summary": "Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29536.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29536.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29536", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40866", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40896", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.4088", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40853", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40872", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40907", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40891", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40908", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40884", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40835", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41763", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186104", "reference_id": "2186104", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186104" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-13/", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T15:50:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14", "reference_id": "mfsa2023-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-14/", "reference_id": "mfsa2023-14", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T15:50:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15", "reference_id": "mfsa2023-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-15/", "reference_id": "mfsa2023-15", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T15:50:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-15/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1785", "reference_id": "RHSA-2023:1785", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1785" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1786", "reference_id": "RHSA-2023:1786", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1786" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1787", "reference_id": "RHSA-2023:1787", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1787" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1788", "reference_id": "RHSA-2023:1788", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1788" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1789", "reference_id": "RHSA-2023:1789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1790", "reference_id": "RHSA-2023:1790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1791", "reference_id": "RHSA-2023:1791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1792", "reference_id": "RHSA-2023:1792", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1792" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1802", "reference_id": "RHSA-2023:1802", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1802" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1803", "reference_id": "RHSA-2023:1803", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1803" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1804", "reference_id": "RHSA-2023:1804", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1804" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1805", "reference_id": "RHSA-2023:1805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1806", "reference_id": "RHSA-2023:1806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1809", "reference_id": "RHSA-2023:1809", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1809" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1810", "reference_id": "RHSA-2023:1810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1810" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1811", "reference_id": "RHSA-2023:1811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1811" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1821959", "reference_id": "show_bug.cgi?id=1821959", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T15:50:03Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1821959" }, { "reference_url": "https://usn.ubuntu.com/6010-1/", "reference_id": "USN-6010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6010-1/" }, { "reference_url": "https://usn.ubuntu.com/6015-1/", "reference_id": "USN-6015-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6015-1/" }, { "reference_url": "https://usn.ubuntu.com/6120-1/", "reference_id": "USN-6120-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6120-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/73547?format=api", "purl": "pkg:ebuild/mail-client/thunderbird-bin@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@102.10.0" } ], "aliases": [ "CVE-2023-29536" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yjyu-u73t-u7bh" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@102.10.0" }