Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/firefox-esr@115.3.0-r0?arch=x86&distroversion=v3.20&reponame=community
Typeapk
Namespacealpine
Namefirefox-esr
Version115.3.0-r0
Qualifiers
arch x86
distroversion v3.20
reponame community
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version115.3.1-r0
Latest_non_vulnerable_version115.17.0-r0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-bbef-dvqd-53gq
vulnerability_id VCID-bbef-dvqd-53gq
summary During Ion compilation, a Garbage Collection could have resulted in a use-after-free condition, allowing an attacker to write two NUL bytes, and cause a potentially exploitable crash. This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5171.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5171.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-5171
reference_id
reference_type
scores
0
value 0.0026
scoring_system epss
scoring_elements 0.49701
published_at 2026-06-11T12:55:00Z
1
value 0.0026
scoring_system epss
scoring_elements 0.49843
published_at 2026-06-14T12:55:00Z
2
value 0.0026
scoring_system epss
scoring_elements 0.49856
published_at 2026-06-13T12:55:00Z
3
value 0.0026
scoring_system epss
scoring_elements 0.49837
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-5171
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5169
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5169
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5171
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5171
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5176
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5176
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5217
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5217
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2240894
reference_id 2240894
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2240894
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/
reference_id AY642Z6JZODQJE7Z62CFREVUHEGCXGPD
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-23T19:24:47Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/
8
reference_url https://www.debian.org/security/2023/dsa-5506
reference_id dsa-5506
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-23T19:24:47Z/
url https://www.debian.org/security/2023/dsa-5506
9
reference_url https://www.debian.org/security/2023/dsa-5513
reference_id dsa-5513
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-23T19:24:47Z/
url https://www.debian.org/security/2023/dsa-5513
10
reference_url https://security.gentoo.org/glsa/202402-25
reference_id GLSA-202402-25
reference_type
scores
url https://security.gentoo.org/glsa/202402-25
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-41
reference_id mfsa2023-41
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-41
12
reference_url https://www.mozilla.org/security/advisories/mfsa2023-41/
reference_id mfsa2023-41
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-23T19:24:47Z/
url https://www.mozilla.org/security/advisories/mfsa2023-41/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-42
reference_id mfsa2023-42
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-42
14
reference_url https://www.mozilla.org/security/advisories/mfsa2023-42/
reference_id mfsa2023-42
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-23T19:24:47Z/
url https://www.mozilla.org/security/advisories/mfsa2023-42/
15
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-43
reference_id mfsa2023-43
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-43
16
reference_url https://www.mozilla.org/security/advisories/mfsa2023-43/
reference_id mfsa2023-43
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-23T19:24:47Z/
url https://www.mozilla.org/security/advisories/mfsa2023-43/
17
reference_url https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html
reference_id msg00015.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-23T19:24:47Z/
url https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html
18
reference_url https://lists.debian.org/debian-lts-announce/2023/09/msg00034.html
reference_id msg00034.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-23T19:24:47Z/
url https://lists.debian.org/debian-lts-announce/2023/09/msg00034.html
19
reference_url https://access.redhat.com/errata/RHSA-2023:5426
reference_id RHSA-2023:5426
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5426
20
reference_url https://access.redhat.com/errata/RHSA-2023:5427
reference_id RHSA-2023:5427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5427
21
reference_url https://access.redhat.com/errata/RHSA-2023:5428
reference_id RHSA-2023:5428
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5428
22
reference_url https://access.redhat.com/errata/RHSA-2023:5429
reference_id RHSA-2023:5429
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5429
23
reference_url https://access.redhat.com/errata/RHSA-2023:5430
reference_id RHSA-2023:5430
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5430
24
reference_url https://access.redhat.com/errata/RHSA-2023:5432
reference_id RHSA-2023:5432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5432
25
reference_url https://access.redhat.com/errata/RHSA-2023:5433
reference_id RHSA-2023:5433
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5433
26
reference_url https://access.redhat.com/errata/RHSA-2023:5434
reference_id RHSA-2023:5434
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5434
27
reference_url https://access.redhat.com/errata/RHSA-2023:5435
reference_id RHSA-2023:5435
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5435
28
reference_url https://access.redhat.com/errata/RHSA-2023:5436
reference_id RHSA-2023:5436
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5436
29
reference_url https://access.redhat.com/errata/RHSA-2023:5437
reference_id RHSA-2023:5437
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5437
30
reference_url https://access.redhat.com/errata/RHSA-2023:5438
reference_id RHSA-2023:5438
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5438
31
reference_url https://access.redhat.com/errata/RHSA-2023:5439
reference_id RHSA-2023:5439
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5439
32
reference_url https://access.redhat.com/errata/RHSA-2023:5440
reference_id RHSA-2023:5440
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5440
33
reference_url https://access.redhat.com/errata/RHSA-2023:5475
reference_id RHSA-2023:5475
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5475
34
reference_url https://access.redhat.com/errata/RHSA-2023:5477
reference_id RHSA-2023:5477
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5477
35
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1851599
reference_id show_bug.cgi?id=1851599
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-23T19:24:47Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1851599
36
reference_url https://usn.ubuntu.com/6404-1/
reference_id USN-6404-1
reference_type
scores
url https://usn.ubuntu.com/6404-1/
37
reference_url https://usn.ubuntu.com/6405-1/
reference_id USN-6405-1
reference_type
scores
url https://usn.ubuntu.com/6405-1/
fixed_packages
0
url pkg:apk/alpine/firefox-esr@115.3.0-r0?arch=x86&distroversion=v3.20&reponame=community
purl pkg:apk/alpine/firefox-esr@115.3.0-r0?arch=x86&distroversion=v3.20&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@115.3.0-r0%3Farch=x86&distroversion=v3.20&reponame=community
aliases CVE-2023-5171
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bbef-dvqd-53gq
1
url VCID-emg3-zrwj-ffah
vulnerability_id VCID-emg3-zrwj-ffah
summary A compromised content process could have provided malicious data in a `PathRecording` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5169.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5169.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-5169
reference_id
reference_type
scores
0
value 0.0024
scoring_system epss
scoring_elements 0.47325
published_at 2026-06-11T12:55:00Z
1
value 0.0024
scoring_system epss
scoring_elements 0.47463
published_at 2026-06-14T12:55:00Z
2
value 0.0024
scoring_system epss
scoring_elements 0.47482
published_at 2026-06-13T12:55:00Z
3
value 0.0024
scoring_system epss
scoring_elements 0.47466
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-5169
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5169
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5169
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5171
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5171
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5176
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5176
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5217
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5217
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2240893
reference_id 2240893
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2240893
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/
reference_id AY642Z6JZODQJE7Z62CFREVUHEGCXGPD
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-23T19:25:15Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/
8
reference_url https://www.debian.org/security/2023/dsa-5506
reference_id dsa-5506
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-23T19:25:15Z/
url https://www.debian.org/security/2023/dsa-5506
9
reference_url https://www.debian.org/security/2023/dsa-5513
reference_id dsa-5513
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-23T19:25:15Z/
url https://www.debian.org/security/2023/dsa-5513
10
reference_url https://security.gentoo.org/glsa/202402-25
reference_id GLSA-202402-25
reference_type
scores
url https://security.gentoo.org/glsa/202402-25
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-41
reference_id mfsa2023-41
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-41
12
reference_url https://www.mozilla.org/security/advisories/mfsa2023-41/
reference_id mfsa2023-41
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-23T19:25:15Z/
url https://www.mozilla.org/security/advisories/mfsa2023-41/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-42
reference_id mfsa2023-42
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-42
14
reference_url https://www.mozilla.org/security/advisories/mfsa2023-42/
reference_id mfsa2023-42
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-23T19:25:15Z/
url https://www.mozilla.org/security/advisories/mfsa2023-42/
15
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-43
reference_id mfsa2023-43
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-43
16
reference_url https://www.mozilla.org/security/advisories/mfsa2023-43/
reference_id mfsa2023-43
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-23T19:25:15Z/
url https://www.mozilla.org/security/advisories/mfsa2023-43/
17
reference_url https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html
reference_id msg00015.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-23T19:25:15Z/
url https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html
18
reference_url https://lists.debian.org/debian-lts-announce/2023/09/msg00034.html
reference_id msg00034.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-23T19:25:15Z/
url https://lists.debian.org/debian-lts-announce/2023/09/msg00034.html
19
reference_url https://access.redhat.com/errata/RHSA-2023:5426
reference_id RHSA-2023:5426
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5426
20
reference_url https://access.redhat.com/errata/RHSA-2023:5427
reference_id RHSA-2023:5427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5427
21
reference_url https://access.redhat.com/errata/RHSA-2023:5428
reference_id RHSA-2023:5428
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5428
22
reference_url https://access.redhat.com/errata/RHSA-2023:5429
reference_id RHSA-2023:5429
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5429
23
reference_url https://access.redhat.com/errata/RHSA-2023:5430
reference_id RHSA-2023:5430
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5430
24
reference_url https://access.redhat.com/errata/RHSA-2023:5432
reference_id RHSA-2023:5432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5432
25
reference_url https://access.redhat.com/errata/RHSA-2023:5433
reference_id RHSA-2023:5433
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5433
26
reference_url https://access.redhat.com/errata/RHSA-2023:5434
reference_id RHSA-2023:5434
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5434
27
reference_url https://access.redhat.com/errata/RHSA-2023:5435
reference_id RHSA-2023:5435
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5435
28
reference_url https://access.redhat.com/errata/RHSA-2023:5436
reference_id RHSA-2023:5436
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5436
29
reference_url https://access.redhat.com/errata/RHSA-2023:5437
reference_id RHSA-2023:5437
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5437
30
reference_url https://access.redhat.com/errata/RHSA-2023:5438
reference_id RHSA-2023:5438
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5438
31
reference_url https://access.redhat.com/errata/RHSA-2023:5439
reference_id RHSA-2023:5439
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5439
32
reference_url https://access.redhat.com/errata/RHSA-2023:5440
reference_id RHSA-2023:5440
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5440
33
reference_url https://access.redhat.com/errata/RHSA-2023:5475
reference_id RHSA-2023:5475
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5475
34
reference_url https://access.redhat.com/errata/RHSA-2023:5477
reference_id RHSA-2023:5477
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5477
35
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1846685
reference_id show_bug.cgi?id=1846685
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-23T19:25:15Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1846685
36
reference_url https://usn.ubuntu.com/6404-1/
reference_id USN-6404-1
reference_type
scores
url https://usn.ubuntu.com/6404-1/
37
reference_url https://usn.ubuntu.com/6405-1/
reference_id USN-6405-1
reference_type
scores
url https://usn.ubuntu.com/6405-1/
fixed_packages
0
url pkg:apk/alpine/firefox-esr@115.3.0-r0?arch=x86&distroversion=v3.20&reponame=community
purl pkg:apk/alpine/firefox-esr@115.3.0-r0?arch=x86&distroversion=v3.20&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@115.3.0-r0%3Farch=x86&distroversion=v3.20&reponame=community
aliases CVE-2023-5169
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-emg3-zrwj-ffah
2
url VCID-km5q-hvb6-huct
vulnerability_id VCID-km5q-hvb6-huct
summary Memory safety bugs present in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5176.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5176.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-5176
reference_id
reference_type
scores
0
value 0.00704
scoring_system epss
scoring_elements 0.72635
published_at 2026-06-12T12:55:00Z
1
value 0.00704
scoring_system epss
scoring_elements 0.72648
published_at 2026-06-14T12:55:00Z
2
value 0.00704
scoring_system epss
scoring_elements 0.7265
published_at 2026-06-13T12:55:00Z
3
value 0.00704
scoring_system epss
scoring_elements 0.72557
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-5176
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5169
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5169
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5171
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5171
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5176
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5176
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5217
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5217
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2240896
reference_id 2240896
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2240896
7
reference_url https://bugzilla.mozilla.org/buglist.cgi?bug_id=1836353%2C1842674%2C1843824%2C1843962%2C1848890%2C1850180%2C1850983%2C1851195
reference_id buglist.cgi?bug_id=1836353%2C1842674%2C1843824%2C1843962%2C1848890%2C1850180%2C1850983%2C1851195
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:06Z/
url https://bugzilla.mozilla.org/buglist.cgi?bug_id=1836353%2C1842674%2C1843824%2C1843962%2C1848890%2C1850180%2C1850983%2C1851195
8
reference_url https://www.debian.org/security/2023/dsa-5506
reference_id dsa-5506
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:06Z/
url https://www.debian.org/security/2023/dsa-5506
9
reference_url https://www.debian.org/security/2023/dsa-5513
reference_id dsa-5513
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:06Z/
url https://www.debian.org/security/2023/dsa-5513
10
reference_url https://security.gentoo.org/glsa/202402-25
reference_id GLSA-202402-25
reference_type
scores
url https://security.gentoo.org/glsa/202402-25
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-41
reference_id mfsa2023-41
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-41
12
reference_url https://www.mozilla.org/security/advisories/mfsa2023-41/
reference_id mfsa2023-41
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:06Z/
url https://www.mozilla.org/security/advisories/mfsa2023-41/
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-42
reference_id mfsa2023-42
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-42
14
reference_url https://www.mozilla.org/security/advisories/mfsa2023-42/
reference_id mfsa2023-42
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:06Z/
url https://www.mozilla.org/security/advisories/mfsa2023-42/
15
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-43
reference_id mfsa2023-43
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-43
16
reference_url https://www.mozilla.org/security/advisories/mfsa2023-43/
reference_id mfsa2023-43
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:06Z/
url https://www.mozilla.org/security/advisories/mfsa2023-43/
17
reference_url https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html
reference_id msg00015.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:06Z/
url https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html
18
reference_url https://lists.debian.org/debian-lts-announce/2023/09/msg00034.html
reference_id msg00034.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:06Z/
url https://lists.debian.org/debian-lts-announce/2023/09/msg00034.html
19
reference_url https://access.redhat.com/errata/RHSA-2023:5426
reference_id RHSA-2023:5426
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5426
20
reference_url https://access.redhat.com/errata/RHSA-2023:5427
reference_id RHSA-2023:5427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5427
21
reference_url https://access.redhat.com/errata/RHSA-2023:5428
reference_id RHSA-2023:5428
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5428
22
reference_url https://access.redhat.com/errata/RHSA-2023:5429
reference_id RHSA-2023:5429
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5429
23
reference_url https://access.redhat.com/errata/RHSA-2023:5430
reference_id RHSA-2023:5430
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5430
24
reference_url https://access.redhat.com/errata/RHSA-2023:5432
reference_id RHSA-2023:5432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5432
25
reference_url https://access.redhat.com/errata/RHSA-2023:5433
reference_id RHSA-2023:5433
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5433
26
reference_url https://access.redhat.com/errata/RHSA-2023:5434
reference_id RHSA-2023:5434
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5434
27
reference_url https://access.redhat.com/errata/RHSA-2023:5435
reference_id RHSA-2023:5435
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5435
28
reference_url https://access.redhat.com/errata/RHSA-2023:5436
reference_id RHSA-2023:5436
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5436
29
reference_url https://access.redhat.com/errata/RHSA-2023:5437
reference_id RHSA-2023:5437
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5437
30
reference_url https://access.redhat.com/errata/RHSA-2023:5438
reference_id RHSA-2023:5438
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5438
31
reference_url https://access.redhat.com/errata/RHSA-2023:5439
reference_id RHSA-2023:5439
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5439
32
reference_url https://access.redhat.com/errata/RHSA-2023:5440
reference_id RHSA-2023:5440
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5440
33
reference_url https://access.redhat.com/errata/RHSA-2023:5475
reference_id RHSA-2023:5475
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5475
34
reference_url https://access.redhat.com/errata/RHSA-2023:5477
reference_id RHSA-2023:5477
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5477
35
reference_url https://usn.ubuntu.com/6404-1/
reference_id USN-6404-1
reference_type
scores
url https://usn.ubuntu.com/6404-1/
36
reference_url https://usn.ubuntu.com/6405-1/
reference_id USN-6405-1
reference_type
scores
url https://usn.ubuntu.com/6405-1/
fixed_packages
0
url pkg:apk/alpine/firefox-esr@115.3.0-r0?arch=x86&distroversion=v3.20&reponame=community
purl pkg:apk/alpine/firefox-esr@115.3.0-r0?arch=x86&distroversion=v3.20&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@115.3.0-r0%3Farch=x86&distroversion=v3.20&reponame=community
aliases CVE-2023-5176
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-km5q-hvb6-huct
3
url VCID-r8g4-zz2s-sfh7
vulnerability_id VCID-r8g4-zz2s-sfh7
summary 
A compromised content process could have provided malicious data to `FilterNodeD2D1` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process.
*This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5168.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5168.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-5168
reference_id
reference_type
scores
0
value 0.00256
scoring_system epss
scoring_elements 0.49458
published_at 2026-06-14T12:55:00Z
1
value 0.00256
scoring_system epss
scoring_elements 0.49315
published_at 2026-06-11T12:55:00Z
2
value 0.00256
scoring_system epss
scoring_elements 0.49452
published_at 2026-06-12T12:55:00Z
3
value 0.00256
scoring_system epss
scoring_elements 0.4947
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-5168
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2240892
reference_id 2240892
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2240892
3
reference_url https://security.gentoo.org/glsa/202402-25
reference_id GLSA-202402-25
reference_type
scores
url https://security.gentoo.org/glsa/202402-25
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-41
reference_id mfsa2023-41
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-41
5
reference_url https://www.mozilla.org/security/advisories/mfsa2023-41/
reference_id mfsa2023-41
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:10Z/
url https://www.mozilla.org/security/advisories/mfsa2023-41/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-42
reference_id mfsa2023-42
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-42
7
reference_url https://www.mozilla.org/security/advisories/mfsa2023-42/
reference_id mfsa2023-42
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:10Z/
url https://www.mozilla.org/security/advisories/mfsa2023-42/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-43
reference_id mfsa2023-43
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-43
9
reference_url https://www.mozilla.org/security/advisories/mfsa2023-43/
reference_id mfsa2023-43
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:10Z/
url https://www.mozilla.org/security/advisories/mfsa2023-43/
10
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1846683
reference_id show_bug.cgi?id=1846683
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:10Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1846683
fixed_packages
0
url pkg:apk/alpine/firefox-esr@115.3.0-r0?arch=x86&distroversion=v3.20&reponame=community
purl pkg:apk/alpine/firefox-esr@115.3.0-r0?arch=x86&distroversion=v3.20&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@115.3.0-r0%3Farch=x86&distroversion=v3.20&reponame=community
aliases CVE-2023-5168
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r8g4-zz2s-sfh7
4
url VCID-rg51-rzun-u7aq
vulnerability_id VCID-rg51-rzun-u7aq
summary 
If Windows failed to duplicate a handle during process creation, the sandbox code may have inadvertently freed a pointer twice, resulting in a use-after-free and a potentially exploitable crash.
*This bug only affects Firefox on Windows when run in non-standard configurations (such as using `runas`). Other operating systems are unaffected.* This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5174.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5174.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-5174
reference_id
reference_type
scores
0
value 0.00445
scoring_system epss
scoring_elements 0.63973
published_at 2026-06-14T12:55:00Z
1
value 0.00445
scoring_system epss
scoring_elements 0.63858
published_at 2026-06-11T12:55:00Z
2
value 0.00445
scoring_system epss
scoring_elements 0.63961
published_at 2026-06-12T12:55:00Z
3
value 0.00445
scoring_system epss
scoring_elements 0.63975
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-5174
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2240895
reference_id 2240895
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2240895
3
reference_url https://security.gentoo.org/glsa/202402-25
reference_id GLSA-202402-25
reference_type
scores
url https://security.gentoo.org/glsa/202402-25
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-41
reference_id mfsa2023-41
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-41
5
reference_url https://www.mozilla.org/security/advisories/mfsa2023-41/
reference_id mfsa2023-41
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:08Z/
url https://www.mozilla.org/security/advisories/mfsa2023-41/
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-42
reference_id mfsa2023-42
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-42
7
reference_url https://www.mozilla.org/security/advisories/mfsa2023-42/
reference_id mfsa2023-42
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:08Z/
url https://www.mozilla.org/security/advisories/mfsa2023-42/
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2023-43
reference_id mfsa2023-43
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2023-43
9
reference_url https://www.mozilla.org/security/advisories/mfsa2023-43/
reference_id mfsa2023-43
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:08Z/
url https://www.mozilla.org/security/advisories/mfsa2023-43/
10
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1848454
reference_id show_bug.cgi?id=1848454
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:08Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1848454
fixed_packages
0
url pkg:apk/alpine/firefox-esr@115.3.0-r0?arch=x86&distroversion=v3.20&reponame=community
purl pkg:apk/alpine/firefox-esr@115.3.0-r0?arch=x86&distroversion=v3.20&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@115.3.0-r0%3Farch=x86&distroversion=v3.20&reponame=community
aliases CVE-2023-5174
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rg51-rzun-u7aq
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@115.3.0-r0%3Farch=x86&distroversion=v3.20&reponame=community