Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/99301?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/99301?format=api", "purl": "pkg:rpm/redhat/thunderbird@140.4.0-2?arch=el8_10", "type": "rpm", "namespace": "redhat", "name": "thunderbird", "version": "140.4.0-2", "qualifiers": { "arch": "el8_10" }, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/846?format=api", "vulnerability_id": "VCID-7vyt-mpzf-wyez", "summary": "A compromised web process was able to trigger out of bounds reads and writes in a more privileged process using manipulated WebGL textures.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11709.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11709.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11709", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28228", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.2827", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.2832", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11709" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11709", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11709" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403765", "reference_id": "2403765", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403765" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-81", "reference_id": "mfsa2025-81", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-81" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-81/", "reference_id": "mfsa2025-81", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:47Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-81/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-82", "reference_id": "mfsa2025-82", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-82" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-82/", "reference_id": "mfsa2025-82", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:47Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-82/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-83", "reference_id": "mfsa2025-83", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-83" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-83/", "reference_id": "mfsa2025-83", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:47Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-83/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-84", "reference_id": "mfsa2025-84", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-84" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-84/", "reference_id": "mfsa2025-84", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:47Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-84/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-85", "reference_id": "mfsa2025-85", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-85" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-85/", "reference_id": "mfsa2025-85", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:47Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-85/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18154", "reference_id": "RHSA-2025:18154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18155", "reference_id": "RHSA-2025:18155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18285", "reference_id": "RHSA-2025:18285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18320", "reference_id": "RHSA-2025:18320", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18320" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18321", "reference_id": "RHSA-2025:18321", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18321" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18983", "reference_id": "RHSA-2025:18983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19278", "reference_id": "RHSA-2025:19278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19938", "reference_id": "RHSA-2025:19938", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19938" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19939", "reference_id": "RHSA-2025:19939", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19941", "reference_id": "RHSA-2025:19941", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19941" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19942", "reference_id": "RHSA-2025:19942", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19942" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19943", "reference_id": "RHSA-2025:19943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19944", "reference_id": "RHSA-2025:19944", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19944" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19945", "reference_id": "RHSA-2025:19945", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19945" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21054", "reference_id": "RHSA-2025:21054", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21054" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21055", "reference_id": "RHSA-2025:21055", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21055" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21056", "reference_id": "RHSA-2025:21056", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21056" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21057", "reference_id": "RHSA-2025:21057", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21057" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21058", "reference_id": "RHSA-2025:21058", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21058" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21059", "reference_id": "RHSA-2025:21059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21064", "reference_id": "RHSA-2025:21064", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21064" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1989127", "reference_id": "show_bug.cgi?id=1989127", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:47Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1989127" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2025-11709" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7vyt-mpzf-wyez" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/845?format=api", "vulnerability_id": "VCID-qknk-w6fq-7ybb", "summary": "Use-after-free in MediaTrackGraphImpl::GetInstance()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11708.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11708.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11708", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0009", "scoring_system": "epss", "scoring_elements": "0.25579", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.0009", "scoring_system": "epss", "scoring_elements": "0.25624", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0009", "scoring_system": "epss", "scoring_elements": "0.25633", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11708" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403769", "reference_id": "2403769", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403769" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-81", "reference_id": "mfsa2025-81", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-81" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-81/", "reference_id": "mfsa2025-81", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:05Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-81/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-83", "reference_id": "mfsa2025-83", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-83" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-83/", "reference_id": "mfsa2025-83", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:05Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-83/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-84", "reference_id": "mfsa2025-84", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-84" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-84/", "reference_id": "mfsa2025-84", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:05Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-84/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-85", "reference_id": "mfsa2025-85", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-85" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-85/", "reference_id": "mfsa2025-85", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:05Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-85/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18154", "reference_id": "RHSA-2025:18154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18155", "reference_id": "RHSA-2025:18155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18285", "reference_id": "RHSA-2025:18285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18320", "reference_id": "RHSA-2025:18320", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18320" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18321", "reference_id": "RHSA-2025:18321", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18321" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18983", "reference_id": "RHSA-2025:18983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19278", "reference_id": "RHSA-2025:19278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19938", "reference_id": "RHSA-2025:19938", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19938" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19939", "reference_id": "RHSA-2025:19939", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19941", "reference_id": "RHSA-2025:19941", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19941" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19942", "reference_id": "RHSA-2025:19942", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19942" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19943", "reference_id": "RHSA-2025:19943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19944", "reference_id": "RHSA-2025:19944", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19944" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19945", "reference_id": "RHSA-2025:19945", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19945" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21054", "reference_id": "RHSA-2025:21054", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21054" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21055", "reference_id": "RHSA-2025:21055", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21055" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21056", "reference_id": "RHSA-2025:21056", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21056" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21057", "reference_id": "RHSA-2025:21057", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21057" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21058", "reference_id": "RHSA-2025:21058", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21058" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21059", "reference_id": "RHSA-2025:21059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21064", "reference_id": "RHSA-2025:21064", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21064" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1988931", "reference_id": "show_bug.cgi?id=1988931", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:05Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1988931" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2025-11708" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qknk-w6fq-7ybb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/847?format=api", "vulnerability_id": "VCID-u926-beug-xydv", "summary": "A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to the compromised process.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11710.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11710.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11710", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28228", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.2827", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.2832", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11710" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403768", "reference_id": "2403768", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403768" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-81", "reference_id": "mfsa2025-81", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-81" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-81/", "reference_id": "mfsa2025-81", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:34Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-81/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-82", "reference_id": "mfsa2025-82", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-82" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-82/", "reference_id": "mfsa2025-82", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:34Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-82/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-83", "reference_id": "mfsa2025-83", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-83" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-83/", "reference_id": "mfsa2025-83", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:34Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-83/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-84", "reference_id": "mfsa2025-84", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-84" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-84/", "reference_id": "mfsa2025-84", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:34Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-84/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-85", "reference_id": "mfsa2025-85", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-85" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-85/", "reference_id": "mfsa2025-85", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:34Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-85/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18154", "reference_id": "RHSA-2025:18154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18155", "reference_id": "RHSA-2025:18155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18285", "reference_id": "RHSA-2025:18285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18320", "reference_id": "RHSA-2025:18320", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18320" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18321", "reference_id": "RHSA-2025:18321", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18321" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18983", "reference_id": "RHSA-2025:18983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19278", "reference_id": "RHSA-2025:19278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19938", "reference_id": "RHSA-2025:19938", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19938" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19939", "reference_id": "RHSA-2025:19939", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19941", "reference_id": "RHSA-2025:19941", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19941" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19942", "reference_id": "RHSA-2025:19942", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19942" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19943", "reference_id": "RHSA-2025:19943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19944", "reference_id": "RHSA-2025:19944", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19944" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19945", "reference_id": "RHSA-2025:19945", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19945" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21054", "reference_id": "RHSA-2025:21054", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21054" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21055", "reference_id": "RHSA-2025:21055", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21055" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21056", "reference_id": "RHSA-2025:21056", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21056" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21057", "reference_id": "RHSA-2025:21057", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21057" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21058", "reference_id": "RHSA-2025:21058", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21058" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21059", "reference_id": "RHSA-2025:21059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21064", "reference_id": "RHSA-2025:21064", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21064" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1989899", "reference_id": "show_bug.cgi?id=1989899", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-10-15T13:22:34Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1989899" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2025-11710" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u926-beug-xydv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/857?format=api", "vulnerability_id": "VCID-wf48-836h-53h5", "summary": "Memory safety bugs present in Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11715.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11715.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11715", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.2003", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20068", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20073", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11715" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11715", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11715" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403774", "reference_id": "2403774", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403774" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1983838%2C1987624%2C1988244%2C1988912%2C1989734%2C1990085%2C1991899", "reference_id": "buglist.cgi?bug_id=1983838%2C1987624%2C1988244%2C1988912%2C1989734%2C1990085%2C1991899", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:16Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1983838%2C1987624%2C1988244%2C1988912%2C1989734%2C1990085%2C1991899" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-81", "reference_id": "mfsa2025-81", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-81" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-81/", "reference_id": "mfsa2025-81", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:16Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-81/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-83", "reference_id": "mfsa2025-83", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-83" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-83/", "reference_id": "mfsa2025-83", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:16Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-83/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-84", "reference_id": "mfsa2025-84", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-84" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-84/", "reference_id": "mfsa2025-84", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:16Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-84/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-85", "reference_id": "mfsa2025-85", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-85" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-85/", "reference_id": "mfsa2025-85", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:16Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-85/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18154", "reference_id": "RHSA-2025:18154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18155", "reference_id": "RHSA-2025:18155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18285", "reference_id": "RHSA-2025:18285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18320", "reference_id": "RHSA-2025:18320", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18320" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18321", "reference_id": "RHSA-2025:18321", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18321" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18983", "reference_id": "RHSA-2025:18983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19278", "reference_id": "RHSA-2025:19278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19938", "reference_id": "RHSA-2025:19938", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19938" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19939", "reference_id": "RHSA-2025:19939", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19941", "reference_id": "RHSA-2025:19941", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19941" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19942", "reference_id": "RHSA-2025:19942", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19942" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19943", "reference_id": "RHSA-2025:19943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19944", "reference_id": "RHSA-2025:19944", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19944" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19945", "reference_id": "RHSA-2025:19945", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19945" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21054", "reference_id": "RHSA-2025:21054", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21054" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21055", "reference_id": "RHSA-2025:21055", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21055" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21056", "reference_id": "RHSA-2025:21056", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21056" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21057", "reference_id": "RHSA-2025:21057", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21057" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21058", "reference_id": "RHSA-2025:21058", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21058" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21059", "reference_id": "RHSA-2025:21059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21064", "reference_id": "RHSA-2025:21064", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21064" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2025-11715" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wf48-836h-53h5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/848?format=api", "vulnerability_id": "VCID-yn6r-ptdw-aket", "summary": "There was a way to change the value of JavaScript Object properties that were supposed to be non-writeable.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11711.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11711.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11711", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09474", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09488", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09468", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11711" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403776", "reference_id": "2403776", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403776" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-81", "reference_id": "mfsa2025-81", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-81" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-81/", "reference_id": "mfsa2025-81", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:22:20Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-81/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-82", "reference_id": "mfsa2025-82", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-82" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-82/", "reference_id": "mfsa2025-82", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:22:20Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-82/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-83", "reference_id": "mfsa2025-83", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-83" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-83/", "reference_id": "mfsa2025-83", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:22:20Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-83/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-84", "reference_id": "mfsa2025-84", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-84" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-84/", "reference_id": "mfsa2025-84", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:22:20Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-84/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-85", "reference_id": "mfsa2025-85", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-85" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-85/", "reference_id": "mfsa2025-85", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:22:20Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-85/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18154", "reference_id": "RHSA-2025:18154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18155", "reference_id": "RHSA-2025:18155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18285", "reference_id": "RHSA-2025:18285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18320", "reference_id": "RHSA-2025:18320", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18320" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18321", "reference_id": "RHSA-2025:18321", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18321" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18983", "reference_id": "RHSA-2025:18983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19278", "reference_id": "RHSA-2025:19278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19938", "reference_id": "RHSA-2025:19938", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19938" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19939", "reference_id": "RHSA-2025:19939", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19941", "reference_id": "RHSA-2025:19941", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19941" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19942", "reference_id": "RHSA-2025:19942", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19942" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19943", "reference_id": "RHSA-2025:19943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19944", "reference_id": "RHSA-2025:19944", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19944" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19945", "reference_id": "RHSA-2025:19945", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19945" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21054", "reference_id": "RHSA-2025:21054", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21054" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21055", "reference_id": "RHSA-2025:21055", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21055" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21056", "reference_id": "RHSA-2025:21056", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21056" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21057", "reference_id": "RHSA-2025:21057", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21057" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21058", "reference_id": "RHSA-2025:21058", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21058" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21059", "reference_id": "RHSA-2025:21059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21064", "reference_id": "RHSA-2025:21064", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21064" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1989978", "reference_id": "show_bug.cgi?id=1989978", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:22:20Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1989978" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2025-11711" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yn6r-ptdw-aket" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/856?format=api", "vulnerability_id": "VCID-zb1n-26m8-w7g2", "summary": "Memory safety bugs present in Firefox ESR 115.28, Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11714.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11714.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11714", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19212", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19256", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19259", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11714" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11714", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11714" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403763", "reference_id": "2403763", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403763" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1973699%2C1989945%2C1990970%2C1991040%2C1992113", "reference_id": "buglist.cgi?bug_id=1973699%2C1989945%2C1990970%2C1991040%2C1992113", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:19Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1973699%2C1989945%2C1990970%2C1991040%2C1992113" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-81", "reference_id": "mfsa2025-81", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-81" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-81/", "reference_id": "mfsa2025-81", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-81/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-82", "reference_id": "mfsa2025-82", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-82" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-82/", "reference_id": "mfsa2025-82", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-82/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-83", "reference_id": "mfsa2025-83", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-83" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-83/", "reference_id": "mfsa2025-83", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-83/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-84", "reference_id": "mfsa2025-84", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-84" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-84/", "reference_id": "mfsa2025-84", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-84/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-85", "reference_id": "mfsa2025-85", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-85" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-85/", "reference_id": "mfsa2025-85", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-85/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18154", "reference_id": "RHSA-2025:18154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18155", "reference_id": "RHSA-2025:18155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18285", "reference_id": "RHSA-2025:18285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18320", "reference_id": "RHSA-2025:18320", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18320" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18321", "reference_id": "RHSA-2025:18321", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18321" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18983", "reference_id": "RHSA-2025:18983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19278", "reference_id": "RHSA-2025:19278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19938", "reference_id": "RHSA-2025:19938", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19938" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19939", "reference_id": "RHSA-2025:19939", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19941", "reference_id": "RHSA-2025:19941", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19941" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19942", "reference_id": "RHSA-2025:19942", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19942" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19943", "reference_id": "RHSA-2025:19943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19944", "reference_id": "RHSA-2025:19944", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19944" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19945", "reference_id": "RHSA-2025:19945", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19945" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21054", "reference_id": "RHSA-2025:21054", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21054" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21055", "reference_id": "RHSA-2025:21055", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21055" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21056", "reference_id": "RHSA-2025:21056", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21056" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21057", "reference_id": "RHSA-2025:21057", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21057" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21058", "reference_id": "RHSA-2025:21058", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21058" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21059", "reference_id": "RHSA-2025:21059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21064", "reference_id": "RHSA-2025:21064", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21064" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2025-11714" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zb1n-26m8-w7g2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/851?format=api", "vulnerability_id": "VCID-zw1m-naqh-sqfd", "summary": "A malicious page could have used the type attribute of an OBJECT tag to override the default browser behavior when encountering a web resource served without a content-type. This could have contributed to an XSS on a site that unsafely serves files without a content-type header.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11712.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11712.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11712", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13688", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13727", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13725", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11712" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403770", "reference_id": "2403770", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403770" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-81", "reference_id": "mfsa2025-81", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-81" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-81/", "reference_id": "mfsa2025-81", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:21:51Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-81/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-83", "reference_id": "mfsa2025-83", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-83" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-83/", "reference_id": "mfsa2025-83", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:21:51Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-83/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-84", "reference_id": "mfsa2025-84", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-84" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-84/", "reference_id": "mfsa2025-84", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:21:51Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-84/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-85", "reference_id": "mfsa2025-85", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-85" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-85/", "reference_id": "mfsa2025-85", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:21:51Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-85/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18154", "reference_id": "RHSA-2025:18154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18155", "reference_id": "RHSA-2025:18155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18285", "reference_id": "RHSA-2025:18285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18320", "reference_id": "RHSA-2025:18320", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18320" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18321", "reference_id": "RHSA-2025:18321", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18321" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18983", "reference_id": "RHSA-2025:18983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19278", "reference_id": "RHSA-2025:19278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19938", "reference_id": "RHSA-2025:19938", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19938" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19939", "reference_id": "RHSA-2025:19939", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19941", "reference_id": "RHSA-2025:19941", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19941" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19942", "reference_id": "RHSA-2025:19942", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19942" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19943", "reference_id": "RHSA-2025:19943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19944", "reference_id": "RHSA-2025:19944", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19944" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19945", "reference_id": "RHSA-2025:19945", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19945" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21054", "reference_id": "RHSA-2025:21054", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21054" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21055", "reference_id": "RHSA-2025:21055", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21055" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21056", "reference_id": "RHSA-2025:21056", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21056" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21057", "reference_id": "RHSA-2025:21057", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21057" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21058", "reference_id": "RHSA-2025:21058", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21058" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21059", "reference_id": "RHSA-2025:21059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21064", "reference_id": "RHSA-2025:21064", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21064" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1979536", "reference_id": "show_bug.cgi?id=1979536", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-15T13:21:51Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1979536" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2025-11712" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zw1m-naqh-sqfd" } ], "fixing_vulnerabilities": [], "risk_score": "4.4", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/thunderbird@140.4.0-2%3Farch=el8_10" }