Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/95167?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/95167?format=api", "purl": "pkg:deb/debian/firefox-esr@128.11.0esr-1~deb12u1?distro=trixie", "type": "deb", "namespace": "debian", "name": "firefox-esr", "version": "128.11.0esr-1~deb12u1", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "128.11.0esr-1", "latest_non_vulnerable_version": "140.11.0esr-1~deb13u1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/749?format=api", "vulnerability_id": "VCID-1pzp-mm6e-kbdc", "summary": "Memory safety bugs present in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5268.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5268.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5268", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.63364", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.63375", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00436", "scoring_system": "epss", "scoring_elements": "0.63367", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5268" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5268", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5268" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368752", "reference_id": "2368752", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368752" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1950136%2C1958121%2C1960499%2C1962634", "reference_id": "buglist.cgi?bug_id=1950136%2C1958121%2C1960499%2C1962634", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:56Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1950136%2C1958121%2C1960499%2C1962634" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-42", "reference_id": "mfsa2025-42", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-42" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-42/", "reference_id": "mfsa2025-42", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-42/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-44", "reference_id": "mfsa2025-44", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-44" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-44/", "reference_id": "mfsa2025-44", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-44/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-45", "reference_id": "mfsa2025-45", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-45" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-45/", "reference_id": "mfsa2025-45", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-45/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-46", "reference_id": "mfsa2025-46", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-46/", "reference_id": "mfsa2025-46", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-46/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8293", "reference_id": "RHSA-2025:8293", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8293" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8308", "reference_id": "RHSA-2025:8308", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8308" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8341", "reference_id": "RHSA-2025:8341", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8341" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8598", "reference_id": "RHSA-2025:8598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8598" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8599", "reference_id": "RHSA-2025:8599", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8599" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8607", "reference_id": "RHSA-2025:8607", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8607" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8608", "reference_id": "RHSA-2025:8608", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8608" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8628", "reference_id": "RHSA-2025:8628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8629", "reference_id": "RHSA-2025:8629", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8629" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8630", "reference_id": "RHSA-2025:8630", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8630" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8631", "reference_id": "RHSA-2025:8631", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8631" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8642", "reference_id": "RHSA-2025:8642", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8642" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8756", "reference_id": "RHSA-2025:8756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9071", "reference_id": "RHSA-2025:9071", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9071" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9072", "reference_id": "RHSA-2025:9072", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9072" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9073", "reference_id": "RHSA-2025:9073", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9073" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9074", "reference_id": "RHSA-2025:9074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9075", "reference_id": "RHSA-2025:9075", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9075" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9076", "reference_id": "RHSA-2025:9076", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9076" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9077", "reference_id": "RHSA-2025:9077", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9077" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9155", "reference_id": "RHSA-2025:9155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9155" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/94686?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95168?format=api", "purl": "pkg:deb/debian/firefox-esr@128.11.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.11.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95167?format=api", "purl": "pkg:deb/debian/firefox-esr@128.11.0esr-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.11.0esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95169?format=api", "purl": "pkg:deb/debian/firefox-esr@128.11.0esr-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.11.0esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/94684?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ghpk-c1e6-pkae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/94688?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ghpk-c1e6-pkae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/94687?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ghpk-c1e6-pkae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-5268" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1pzp-mm6e-kbdc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/743?format=api", "vulnerability_id": "VCID-c25m-7d3t-4qdc", "summary": "Due to insufficient escaping of the newline character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5264.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5264.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5264", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.32552", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.32591", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.32623", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5264" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5264", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5264" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368751", "reference_id": "2368751", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368751" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-42", "reference_id": "mfsa2025-42", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-42" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-42/", "reference_id": "mfsa2025-42", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-42/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-43", "reference_id": "mfsa2025-43", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-43" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-43/", "reference_id": "mfsa2025-43", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-43/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-44", "reference_id": "mfsa2025-44", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-44" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-44/", "reference_id": "mfsa2025-44", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-44/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-45", "reference_id": "mfsa2025-45", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-45" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-45/", "reference_id": "mfsa2025-45", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-45/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-46", "reference_id": "mfsa2025-46", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-46/", "reference_id": "mfsa2025-46", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-46/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8293", "reference_id": "RHSA-2025:8293", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8293" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8308", "reference_id": "RHSA-2025:8308", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8308" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8341", "reference_id": "RHSA-2025:8341", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8341" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8598", "reference_id": "RHSA-2025:8598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8598" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8599", "reference_id": "RHSA-2025:8599", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8599" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8607", "reference_id": "RHSA-2025:8607", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8607" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8608", "reference_id": "RHSA-2025:8608", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8608" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8628", "reference_id": "RHSA-2025:8628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8629", "reference_id": "RHSA-2025:8629", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8629" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8630", "reference_id": "RHSA-2025:8630", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8630" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8631", "reference_id": "RHSA-2025:8631", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8631" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8642", "reference_id": "RHSA-2025:8642", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8642" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8756", "reference_id": "RHSA-2025:8756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9071", "reference_id": "RHSA-2025:9071", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9071" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9072", "reference_id": "RHSA-2025:9072", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9072" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9073", "reference_id": "RHSA-2025:9073", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9073" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9074", "reference_id": "RHSA-2025:9074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9075", "reference_id": "RHSA-2025:9075", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9075" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9076", "reference_id": "RHSA-2025:9076", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9076" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9077", "reference_id": "RHSA-2025:9077", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9077" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9155", "reference_id": "RHSA-2025:9155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9155" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1950001", "reference_id": "show_bug.cgi?id=1950001", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:59Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1950001" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/94686?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95168?format=api", "purl": "pkg:deb/debian/firefox-esr@128.11.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.11.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95167?format=api", "purl": "pkg:deb/debian/firefox-esr@128.11.0esr-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.11.0esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95169?format=api", "purl": "pkg:deb/debian/firefox-esr@128.11.0esr-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.11.0esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/94684?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ghpk-c1e6-pkae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/94688?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ghpk-c1e6-pkae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/94687?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ghpk-c1e6-pkae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-5264" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c25m-7d3t-4qdc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/741?format=api", "vulnerability_id": "VCID-kssx-csgu-3yg3", "summary": "A double-free could have occurred in `vpx_codec_enc_init_multi` after a failed allocation when initializing the encoder for WebRTC. This could have caused memory corruption and a potentially exploitable crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5283.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5283.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5283", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50933", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50954", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50949", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5283" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106689", "reference_id": "1106689", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106689" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368749", "reference_id": "2368749", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368749" }, { "reference_url": "https://issues.chromium.org/issues/419467315", "reference_id": "419467315", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-28T13:25:59Z/" } ], "url": "https://issues.chromium.org/issues/419467315" }, { "reference_url": "https://security.gentoo.org/glsa/202509-07", "reference_id": "GLSA-202509-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-42", "reference_id": "mfsa2025-42", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-42" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-43", "reference_id": "mfsa2025-43", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-43" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-44", "reference_id": "mfsa2025-44", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-44" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-45", "reference_id": "mfsa2025-45", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-45" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-46", "reference_id": "mfsa2025-46", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-46" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8293", "reference_id": "RHSA-2025:8293", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8293" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8308", "reference_id": "RHSA-2025:8308", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8308" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8341", "reference_id": "RHSA-2025:8341", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8341" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8598", "reference_id": "RHSA-2025:8598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8598" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8599", "reference_id": "RHSA-2025:8599", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8599" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8607", "reference_id": "RHSA-2025:8607", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8607" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8608", "reference_id": "RHSA-2025:8608", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8608" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8628", "reference_id": "RHSA-2025:8628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8629", "reference_id": "RHSA-2025:8629", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8629" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8630", "reference_id": "RHSA-2025:8630", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8630" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8631", "reference_id": "RHSA-2025:8631", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8631" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8642", "reference_id": "RHSA-2025:8642", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8642" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8756", "reference_id": "RHSA-2025:8756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9071", "reference_id": "RHSA-2025:9071", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9071" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9072", "reference_id": "RHSA-2025:9072", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9072" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9073", "reference_id": "RHSA-2025:9073", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9073" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9074", "reference_id": "RHSA-2025:9074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9075", "reference_id": "RHSA-2025:9075", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9075" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9076", "reference_id": "RHSA-2025:9076", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9076" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9077", "reference_id": "RHSA-2025:9077", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9077" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9118", "reference_id": "RHSA-2025:9118", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9118" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9119", "reference_id": "RHSA-2025:9119", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9119" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9120", "reference_id": "RHSA-2025:9120", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9120" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9122", "reference_id": "RHSA-2025:9122", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9122" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9123", "reference_id": "RHSA-2025:9123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9124", "reference_id": "RHSA-2025:9124", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9124" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9125", "reference_id": "RHSA-2025:9125", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9126", "reference_id": "RHSA-2025:9126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9127", "reference_id": "RHSA-2025:9127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9127" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9128", "reference_id": "RHSA-2025:9128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9155", "reference_id": "RHSA-2025:9155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9331", "reference_id": "RHSA-2025:9331", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9331" }, { "reference_url": "https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_27.html", "reference_id": "stable-channel-update-for-desktop_27.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-28T13:25:59Z/" } ], "url": "https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_27.html" }, { "reference_url": "https://usn.ubuntu.com/7551-1/", "reference_id": "USN-7551-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7551-1/" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/94686?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95168?format=api", "purl": "pkg:deb/debian/firefox-esr@128.11.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.11.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95167?format=api", "purl": "pkg:deb/debian/firefox-esr@128.11.0esr-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.11.0esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95169?format=api", "purl": "pkg:deb/debian/firefox-esr@128.11.0esr-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.11.0esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/94684?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ghpk-c1e6-pkae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/94688?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ghpk-c1e6-pkae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/94687?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ghpk-c1e6-pkae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-5283" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kssx-csgu-3yg3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/748?format=api", "vulnerability_id": "VCID-px5p-xdma-c7da", "summary": "A clickjacking vulnerability could have been used to trick a user into leaking saved payment card details to a malicious page.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5267.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5267.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5267", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00352", "scoring_system": "epss", "scoring_elements": "0.57919", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00352", "scoring_system": "epss", "scoring_elements": "0.5793", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00352", "scoring_system": "epss", "scoring_elements": "0.57922", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5267" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5267", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5267" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368750", "reference_id": "2368750", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368750" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-42", "reference_id": "mfsa2025-42", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-42" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-42/", "reference_id": "mfsa2025-42", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T17:44:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-42/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-44", "reference_id": "mfsa2025-44", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-44" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-44/", "reference_id": "mfsa2025-44", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T17:44:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-44/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-45", "reference_id": "mfsa2025-45", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-45" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-45/", "reference_id": "mfsa2025-45", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T17:44:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-45/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-46", "reference_id": "mfsa2025-46", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-46/", "reference_id": "mfsa2025-46", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T17:44:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-46/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8293", "reference_id": "RHSA-2025:8293", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8293" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8308", "reference_id": "RHSA-2025:8308", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8308" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8341", "reference_id": "RHSA-2025:8341", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8341" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8598", "reference_id": "RHSA-2025:8598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8598" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8599", "reference_id": "RHSA-2025:8599", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8599" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8607", "reference_id": "RHSA-2025:8607", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8607" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8608", "reference_id": "RHSA-2025:8608", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8608" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8628", "reference_id": "RHSA-2025:8628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8629", "reference_id": "RHSA-2025:8629", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8629" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8630", "reference_id": "RHSA-2025:8630", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8630" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8631", "reference_id": "RHSA-2025:8631", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8631" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8642", "reference_id": "RHSA-2025:8642", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8642" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8756", "reference_id": "RHSA-2025:8756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9071", "reference_id": "RHSA-2025:9071", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9071" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9072", "reference_id": "RHSA-2025:9072", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9072" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9073", "reference_id": "RHSA-2025:9073", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9073" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9074", "reference_id": "RHSA-2025:9074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9075", "reference_id": "RHSA-2025:9075", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9075" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9076", "reference_id": "RHSA-2025:9076", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9076" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9077", "reference_id": "RHSA-2025:9077", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9077" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9155", "reference_id": "RHSA-2025:9155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9155" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1954137", "reference_id": "show_bug.cgi?id=1954137", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T17:44:29Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1954137" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/94686?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95168?format=api", "purl": "pkg:deb/debian/firefox-esr@128.11.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.11.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95167?format=api", "purl": "pkg:deb/debian/firefox-esr@128.11.0esr-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.11.0esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95169?format=api", "purl": "pkg:deb/debian/firefox-esr@128.11.0esr-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.11.0esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/94684?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ghpk-c1e6-pkae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/94688?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ghpk-c1e6-pkae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/94687?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ghpk-c1e6-pkae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-5267" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-px5p-xdma-c7da" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/742?format=api", "vulnerability_id": "VCID-u7zd-r5jx-23ca", "summary": "Error handling for script execution was incorrectly isolated from web content, which could have allowed cross-origin leak attacks.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5263.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5263.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5263", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.39832", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.39859", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.39855", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5263" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5263", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5263" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368756", "reference_id": "2368756", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368756" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-42", "reference_id": "mfsa2025-42", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-42" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-42/", "reference_id": "mfsa2025-42", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:20:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-42/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-43", "reference_id": "mfsa2025-43", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-43" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-43/", "reference_id": "mfsa2025-43", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:20:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-43/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-44", "reference_id": "mfsa2025-44", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-44" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-44/", "reference_id": "mfsa2025-44", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:20:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-44/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-45", "reference_id": "mfsa2025-45", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-45" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-45/", "reference_id": "mfsa2025-45", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:20:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-45/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-46", "reference_id": "mfsa2025-46", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-46/", "reference_id": "mfsa2025-46", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:20:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-46/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8293", "reference_id": "RHSA-2025:8293", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8293" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8308", "reference_id": "RHSA-2025:8308", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8308" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8341", "reference_id": "RHSA-2025:8341", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8341" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8598", "reference_id": "RHSA-2025:8598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8598" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8599", "reference_id": "RHSA-2025:8599", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8599" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8607", "reference_id": "RHSA-2025:8607", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8607" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8608", "reference_id": "RHSA-2025:8608", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8608" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8628", "reference_id": "RHSA-2025:8628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8629", "reference_id": "RHSA-2025:8629", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8629" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8630", "reference_id": "RHSA-2025:8630", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8630" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8631", "reference_id": "RHSA-2025:8631", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8631" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8642", "reference_id": "RHSA-2025:8642", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8642" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8756", "reference_id": "RHSA-2025:8756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9071", "reference_id": "RHSA-2025:9071", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9071" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9072", "reference_id": "RHSA-2025:9072", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9072" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9073", "reference_id": "RHSA-2025:9073", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9073" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9074", "reference_id": "RHSA-2025:9074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9075", "reference_id": "RHSA-2025:9075", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9075" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9076", "reference_id": "RHSA-2025:9076", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9076" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9077", "reference_id": "RHSA-2025:9077", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9077" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9155", "reference_id": "RHSA-2025:9155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9155" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1960745", "reference_id": "show_bug.cgi?id=1960745", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:20:12Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1960745" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/94686?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95168?format=api", "purl": "pkg:deb/debian/firefox-esr@128.11.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.11.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95167?format=api", "purl": "pkg:deb/debian/firefox-esr@128.11.0esr-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.11.0esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95169?format=api", "purl": "pkg:deb/debian/firefox-esr@128.11.0esr-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.11.0esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/94684?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ghpk-c1e6-pkae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/94688?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ghpk-c1e6-pkae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/94687?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ghpk-c1e6-pkae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-5263" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u7zd-r5jx-23ca" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/745?format=api", "vulnerability_id": "VCID-ubk2-785h-5kct", "summary": "Script elements loading cross-origin resources generated load and error events which leaked information enabling XS-Leaks attacks.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5266.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5266.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5266", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00434", "scoring_system": "epss", "scoring_elements": "0.63226", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00434", "scoring_system": "epss", "scoring_elements": "0.63236", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00434", "scoring_system": "epss", "scoring_elements": "0.63228", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5266" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5266", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5266" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368755", "reference_id": "2368755", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368755" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-42", "reference_id": "mfsa2025-42", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-42" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-42/", "reference_id": "mfsa2025-42", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-23T14:44:04Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-42/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-44", "reference_id": "mfsa2025-44", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-44" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-44/", "reference_id": "mfsa2025-44", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-23T14:44:04Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-44/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-45", "reference_id": "mfsa2025-45", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-45" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-45/", "reference_id": "mfsa2025-45", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-23T14:44:04Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-45/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-46", "reference_id": "mfsa2025-46", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-46/", "reference_id": "mfsa2025-46", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-23T14:44:04Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-46/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8293", "reference_id": "RHSA-2025:8293", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8293" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8308", "reference_id": "RHSA-2025:8308", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8308" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8341", "reference_id": "RHSA-2025:8341", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8341" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8598", "reference_id": "RHSA-2025:8598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8598" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8599", "reference_id": "RHSA-2025:8599", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8599" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8607", "reference_id": "RHSA-2025:8607", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8607" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8608", "reference_id": "RHSA-2025:8608", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8608" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8628", "reference_id": "RHSA-2025:8628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8629", "reference_id": "RHSA-2025:8629", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8629" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8630", "reference_id": "RHSA-2025:8630", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8630" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8631", "reference_id": "RHSA-2025:8631", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8631" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8642", "reference_id": "RHSA-2025:8642", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8642" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8756", "reference_id": "RHSA-2025:8756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9071", "reference_id": "RHSA-2025:9071", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9071" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9072", "reference_id": "RHSA-2025:9072", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9072" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9073", "reference_id": "RHSA-2025:9073", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9073" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9074", "reference_id": "RHSA-2025:9074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9075", "reference_id": "RHSA-2025:9075", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9075" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9076", "reference_id": "RHSA-2025:9076", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9076" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9077", "reference_id": "RHSA-2025:9077", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9077" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9155", "reference_id": "RHSA-2025:9155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9155" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1965628", "reference_id": "show_bug.cgi?id=1965628", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-23T14:44:04Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1965628" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/94686?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95168?format=api", "purl": "pkg:deb/debian/firefox-esr@128.11.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.11.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95167?format=api", "purl": "pkg:deb/debian/firefox-esr@128.11.0esr-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.11.0esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95169?format=api", "purl": "pkg:deb/debian/firefox-esr@128.11.0esr-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.11.0esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/94684?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ghpk-c1e6-pkae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/94688?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ghpk-c1e6-pkae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/94687?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ghpk-c1e6-pkae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-5266" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ubk2-785h-5kct" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/764?format=api", "vulnerability_id": "VCID-yfq7-nc7g-v7gx", "summary": "Memory safety bug present in Firefox ESR 128.10, and Thunderbird 128.10. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5269.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5269.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5269", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00428", "scoring_system": "epss", "scoring_elements": "0.62811", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00428", "scoring_system": "epss", "scoring_elements": "0.6281", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00428", "scoring_system": "epss", "scoring_elements": "0.6282", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5269" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5269", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5269" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368757", "reference_id": "2368757", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368757" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-44", "reference_id": "mfsa2025-44", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-44" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-44/", "reference_id": "mfsa2025-44", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T17:41:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-44/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-46", "reference_id": "mfsa2025-46", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-46" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-46/", "reference_id": "mfsa2025-46", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T17:41:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-46/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8293", "reference_id": "RHSA-2025:8293", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8293" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8308", "reference_id": "RHSA-2025:8308", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8308" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8341", "reference_id": "RHSA-2025:8341", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8341" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8598", "reference_id": "RHSA-2025:8598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8598" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8599", "reference_id": "RHSA-2025:8599", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8599" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8607", "reference_id": "RHSA-2025:8607", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8607" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8608", "reference_id": "RHSA-2025:8608", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8608" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8628", "reference_id": "RHSA-2025:8628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8629", "reference_id": "RHSA-2025:8629", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8629" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8630", "reference_id": "RHSA-2025:8630", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8630" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8631", "reference_id": "RHSA-2025:8631", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8631" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8642", "reference_id": "RHSA-2025:8642", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8642" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8756", "reference_id": "RHSA-2025:8756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9071", "reference_id": "RHSA-2025:9071", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9071" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9072", "reference_id": "RHSA-2025:9072", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9072" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9073", "reference_id": "RHSA-2025:9073", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9073" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9074", "reference_id": "RHSA-2025:9074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9075", "reference_id": "RHSA-2025:9075", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9075" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9076", "reference_id": "RHSA-2025:9076", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9076" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9077", "reference_id": "RHSA-2025:9077", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9077" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9155", "reference_id": "RHSA-2025:9155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9155" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1924108", "reference_id": "show_bug.cgi?id=1924108", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T17:41:18Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1924108" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/94686?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95168?format=api", "purl": "pkg:deb/debian/firefox-esr@128.11.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.11.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95167?format=api", "purl": "pkg:deb/debian/firefox-esr@128.11.0esr-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.11.0esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/95169?format=api", "purl": "pkg:deb/debian/firefox-esr@128.11.0esr-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.11.0esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/94684?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ghpk-c1e6-pkae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/94688?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ghpk-c1e6-pkae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/94687?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ghpk-c1e6-pkae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-5269" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yfq7-nc7g-v7gx" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.11.0esr-1~deb12u1%3Fdistro=trixie" }