Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/firefox@70.0-r0?arch=x86_64&distroversion=v3.18&reponame=community

Type apk

Namespace alpine

Name firefox

Version 70.0-r0

Qualifiers

arch	x86_64
distroversion	v3.18
reponame	community

Subpath

Is_vulnerable false

Next_non_vulnerable_version 71.0.1-r0

Latest_non_vulnerable_version 119.0-r0

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-1jrk-9n37-qfcv

vulnerability_id VCID-1jrk-9n37-qfcv

summary When following the value's prototype chain, it was possible to retain a reference to a locale, delete it, and subsequently reference it. This resulted in a use-after-free and a potentially exploitable crash.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11757.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11757.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-11757

reference_id

reference_type

scores

value	0.00886
scoring_system	epss
scoring_elements	0.75848
published_at	2026-06-06T12:55:00Z

value	0.00886
scoring_system	epss
scoring_elements	0.75849
published_at	2026-06-05T12:55:00Z

value	0.00886
scoring_system	epss
scoring_elements	0.75822
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-11757

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11755
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11755

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1764438
reference_id	1764438
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1764438

reference_url	https://security.archlinux.org/ASA-201910-15
reference_id	ASA-201910-15
reference_type
scores
url	https://security.archlinux.org/ASA-201910-15

reference_url	https://security.archlinux.org/ASA-201910-16
reference_id	ASA-201910-16
reference_type
scores
url	https://security.archlinux.org/ASA-201910-16

reference_url

https://security.archlinux.org/AVG-1054

reference_id

AVG-1054

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1054

reference_url

https://security.archlinux.org/AVG-1055

reference_id

AVG-1055

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1055

reference_url	https://security.gentoo.org/glsa/202003-10
reference_id	GLSA-202003-10
reference_type
scores
url	https://security.gentoo.org/glsa/202003-10

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-33

reference_id

mfsa2019-33

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-33

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-34

reference_id

mfsa2019-34

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-34

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-35

reference_id

mfsa2019-35

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-35

reference_url	https://access.redhat.com/errata/RHSA-2019:3193
reference_id	RHSA-2019:3193
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3193

reference_url	https://access.redhat.com/errata/RHSA-2019:3196
reference_id	RHSA-2019:3196
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3196

reference_url	https://access.redhat.com/errata/RHSA-2019:3210
reference_id	RHSA-2019:3210
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3210

reference_url	https://access.redhat.com/errata/RHSA-2019:3237
reference_id	RHSA-2019:3237
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3237

reference_url	https://access.redhat.com/errata/RHSA-2019:3281
reference_id	RHSA-2019:3281
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3281

reference_url	https://access.redhat.com/errata/RHSA-2019:3756
reference_id	RHSA-2019:3756
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3756

fixed_packages

url	pkg:apk/alpine/firefox@70.0-r0?arch=x86_64&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/firefox@70.0-r0?arch=x86_64&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@70.0-r0%3Farch=x86_64&distroversion=v3.18&reponame=community

aliases CVE-2019-11757

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1jrk-9n37-qfcv

url VCID-b5fq-qdud-dfb9

vulnerability_id VCID-b5fq-qdud-dfb9

summary By using a form with a data URI it was possible to gain access to the privileged JSONView object that had been cloned into content. Impact from exposing this object appears to be minimal, however it was a bypass of existing defense in depth mechanisms.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11761.json

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11761.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-11761

reference_id

reference_type

scores

value	0.00414
scoring_system	epss
scoring_elements	0.62009
published_at	2026-06-06T12:55:00Z

value	0.00414
scoring_system	epss
scoring_elements	0.62002
published_at	2026-06-05T12:55:00Z

value	0.00414
scoring_system	epss
scoring_elements	0.61952
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-11761

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11755
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11755

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1764442
reference_id	1764442
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1764442

reference_url	https://security.archlinux.org/ASA-201910-15
reference_id	ASA-201910-15
reference_type
scores
url	https://security.archlinux.org/ASA-201910-15

reference_url	https://security.archlinux.org/ASA-201910-16
reference_id	ASA-201910-16
reference_type
scores
url	https://security.archlinux.org/ASA-201910-16

reference_url

https://security.archlinux.org/AVG-1054

reference_id

AVG-1054

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1054

reference_url

https://security.archlinux.org/AVG-1055

reference_id

AVG-1055

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1055

reference_url	https://security.gentoo.org/glsa/202003-10
reference_id	GLSA-202003-10
reference_type
scores
url	https://security.gentoo.org/glsa/202003-10

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-33

reference_id

mfsa2019-33

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-33

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-34

reference_id

mfsa2019-34

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-34

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-35

reference_id

mfsa2019-35

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-35

reference_url	https://access.redhat.com/errata/RHSA-2019:3193
reference_id	RHSA-2019:3193
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3193

reference_url	https://access.redhat.com/errata/RHSA-2019:3196
reference_id	RHSA-2019:3196
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3196

reference_url	https://access.redhat.com/errata/RHSA-2019:3210
reference_id	RHSA-2019:3210
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3210

reference_url	https://access.redhat.com/errata/RHSA-2019:3237
reference_id	RHSA-2019:3237
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3237

reference_url	https://access.redhat.com/errata/RHSA-2019:3281
reference_id	RHSA-2019:3281
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3281

reference_url	https://access.redhat.com/errata/RHSA-2019:3756
reference_id	RHSA-2019:3756
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3756

fixed_packages

url	pkg:apk/alpine/firefox@70.0-r0?arch=x86_64&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/firefox@70.0-r0?arch=x86_64&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@70.0-r0%3Farch=x86_64&distroversion=v3.18&reponame=community

aliases CVE-2019-11761

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b5fq-qdud-dfb9

url VCID-bymc-339x-hqd2

vulnerability_id VCID-bymc-339x-hqd2

summary A fixed-size stack buffer could overflow in nrappkit when doing WebRTC signaling. This resulted in a potentially exploitable crash in some instances.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11760.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11760.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-11760

reference_id

reference_type

scores

value	0.01271
scoring_system	epss
scoring_elements	0.79873
published_at	2026-06-06T12:55:00Z

value	0.01271
scoring_system	epss
scoring_elements	0.79867
published_at	2026-06-05T12:55:00Z

value	0.01271
scoring_system	epss
scoring_elements	0.79842
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-11760

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11755
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11755

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1764441
reference_id	1764441
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1764441

reference_url	https://security.archlinux.org/ASA-201910-15
reference_id	ASA-201910-15
reference_type
scores
url	https://security.archlinux.org/ASA-201910-15

reference_url	https://security.archlinux.org/ASA-201910-16
reference_id	ASA-201910-16
reference_type
scores
url	https://security.archlinux.org/ASA-201910-16

reference_url

https://security.archlinux.org/AVG-1054

reference_id

AVG-1054

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1054

reference_url

https://security.archlinux.org/AVG-1055

reference_id

AVG-1055

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1055

reference_url	https://security.gentoo.org/glsa/202003-10
reference_id	GLSA-202003-10
reference_type
scores
url	https://security.gentoo.org/glsa/202003-10

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-33

reference_id

mfsa2019-33

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-33

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-34

reference_id

mfsa2019-34

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-34

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-35

reference_id

mfsa2019-35

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-35

reference_url	https://access.redhat.com/errata/RHSA-2019:3193
reference_id	RHSA-2019:3193
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3193

reference_url	https://access.redhat.com/errata/RHSA-2019:3196
reference_id	RHSA-2019:3196
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3196

reference_url	https://access.redhat.com/errata/RHSA-2019:3210
reference_id	RHSA-2019:3210
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3210

reference_url	https://access.redhat.com/errata/RHSA-2019:3237
reference_id	RHSA-2019:3237
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3237

reference_url	https://access.redhat.com/errata/RHSA-2019:3281
reference_id	RHSA-2019:3281
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3281

reference_url	https://access.redhat.com/errata/RHSA-2019:3756
reference_id	RHSA-2019:3756
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3756

fixed_packages

url	pkg:apk/alpine/firefox@70.0-r0?arch=x86_64&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/firefox@70.0-r0?arch=x86_64&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@70.0-r0%3Farch=x86_64&distroversion=v3.18&reponame=community

aliases CVE-2019-11760

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bymc-339x-hqd2

url VCID-bznz-baya-hbbw

vulnerability_id VCID-bznz-baya-hbbw

summary Incorrect derivation of a packet length in WebRTC caused heap corruption via a crafted video file. This resulted in a potentially exploitable crash.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6156.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6156.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-6156

reference_id

reference_type

scores

value	0.00471
scoring_system	epss
scoring_elements	0.64972
published_at	2026-06-04T12:55:00Z

value	0.00471
scoring_system	epss
scoring_elements	0.65015
published_at	2026-06-05T12:55:00Z

value	0.00471
scoring_system	epss
scoring_elements	0.65025
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-6156

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16064
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16064

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17460
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17460

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17461
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17461

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4117
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4117

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6150
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6150

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6151
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6151

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6152
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6152

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6153
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6153

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6154
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6154

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6155
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6155

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6156
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6156

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6157
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6157

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6158
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6158

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6159
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6159

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6161
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6161

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6162
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6162

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6163
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6163

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6164
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6164

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6165
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6165

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6166
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6166

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6167
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6167

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6168
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6168

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6169
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6169

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6170
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6170

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6171
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6171

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6172
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6172

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6173
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6173

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6174
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6174

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6175
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6175

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6176
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6176

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6177
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6177

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6178
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6178

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6179
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6179

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1608180
reference_id	1608180
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1608180

reference_url	https://security.archlinux.org/ASA-201910-16
reference_id	ASA-201910-16
reference_type
scores
url	https://security.archlinux.org/ASA-201910-16

reference_url

https://security.archlinux.org/AVG-1055

reference_id

AVG-1055

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1055

reference_url	https://security.gentoo.org/glsa/201808-01
reference_id	GLSA-201808-01
reference_type
scores
url	https://security.gentoo.org/glsa/201808-01

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-34

reference_id

mfsa2019-34

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-34

reference_url	https://access.redhat.com/errata/RHSA-2018:2282
reference_id	RHSA-2018:2282
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:2282

fixed_packages

url	pkg:apk/alpine/firefox@70.0-r0?arch=x86_64&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/firefox@70.0-r0?arch=x86_64&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@70.0-r0%3Farch=x86_64&distroversion=v3.18&reponame=community

aliases CVE-2018-6156

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bznz-baya-hbbw

url VCID-kx36-ey2t-bygw

vulnerability_id VCID-kx36-ey2t-bygw

summary An attacker could have caused 4 bytes of HMAC output to be written past the end of a buffer stored on the stack. This could be used by an attacker to execute arbitrary code or more likely lead to a crash.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11759.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11759.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-11759

reference_id

reference_type

scores

value	0.0213
scoring_system	epss
scoring_elements	0.84514
published_at	2026-06-06T12:55:00Z

value	0.0213
scoring_system	epss
scoring_elements	0.84511
published_at	2026-06-05T12:55:00Z

value	0.0213
scoring_system	epss
scoring_elements	0.84487
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-11759

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11755
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11755

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1764440
reference_id	1764440
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1764440

reference_url	https://security.archlinux.org/ASA-201910-15
reference_id	ASA-201910-15
reference_type
scores
url	https://security.archlinux.org/ASA-201910-15

reference_url	https://security.archlinux.org/ASA-201910-16
reference_id	ASA-201910-16
reference_type
scores
url	https://security.archlinux.org/ASA-201910-16

reference_url

https://security.archlinux.org/AVG-1054

reference_id

AVG-1054

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1054

reference_url

https://security.archlinux.org/AVG-1055

reference_id

AVG-1055

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1055

reference_url	https://security.gentoo.org/glsa/202003-10
reference_id	GLSA-202003-10
reference_type
scores
url	https://security.gentoo.org/glsa/202003-10

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-33

reference_id

mfsa2019-33

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-33

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-34

reference_id

mfsa2019-34

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-34

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-35

reference_id

mfsa2019-35

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-35

reference_url	https://access.redhat.com/errata/RHSA-2019:3193
reference_id	RHSA-2019:3193
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3193

reference_url	https://access.redhat.com/errata/RHSA-2019:3196
reference_id	RHSA-2019:3196
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3196

reference_url	https://access.redhat.com/errata/RHSA-2019:3210
reference_id	RHSA-2019:3210
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3210

reference_url	https://access.redhat.com/errata/RHSA-2019:3237
reference_id	RHSA-2019:3237
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3237

reference_url	https://access.redhat.com/errata/RHSA-2019:3281
reference_id	RHSA-2019:3281
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3281

reference_url	https://access.redhat.com/errata/RHSA-2019:3756
reference_id	RHSA-2019:3756
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3756

fixed_packages

url	pkg:apk/alpine/firefox@70.0-r0?arch=x86_64&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/firefox@70.0-r0?arch=x86_64&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@70.0-r0%3Farch=x86_64&distroversion=v3.18&reponame=community

aliases CVE-2019-11759

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kx36-ey2t-bygw

url VCID-nnt4-kek2-w7dd

vulnerability_id VCID-nnt4-kek2-w7dd

summary Failure to correctly handle null bytes when processing HTML entities resulted in Firefox incorrectly parsing these entities. This could have led to HTML comment text being treated as HTML which could have led to XSS in a web application under certain conditions. It could have also led to HTML entities being masked from filters - enabling the use of entities to mask the actual characters of interest from filters.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11763.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11763.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-11763

reference_id

reference_type

scores

value	0.00804
scoring_system	epss
scoring_elements	0.74509
published_at	2026-06-06T12:55:00Z

value	0.00804
scoring_system	epss
scoring_elements	0.74503
published_at	2026-06-05T12:55:00Z

value	0.00804
scoring_system	epss
scoring_elements	0.74471
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-11763

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11755
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11755

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1764444
reference_id	1764444
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1764444

reference_url	https://security.archlinux.org/ASA-201910-15
reference_id	ASA-201910-15
reference_type
scores
url	https://security.archlinux.org/ASA-201910-15

reference_url	https://security.archlinux.org/ASA-201910-16
reference_id	ASA-201910-16
reference_type
scores
url	https://security.archlinux.org/ASA-201910-16

reference_url

https://security.archlinux.org/AVG-1054

reference_id

AVG-1054

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1054

reference_url

https://security.archlinux.org/AVG-1055

reference_id

AVG-1055

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1055

reference_url	https://security.gentoo.org/glsa/202003-10
reference_id	GLSA-202003-10
reference_type
scores
url	https://security.gentoo.org/glsa/202003-10

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-33

reference_id

mfsa2019-33

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-33

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-34

reference_id

mfsa2019-34

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-34

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-35

reference_id

mfsa2019-35

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-35

reference_url	https://access.redhat.com/errata/RHSA-2019:3193
reference_id	RHSA-2019:3193
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3193

reference_url	https://access.redhat.com/errata/RHSA-2019:3196
reference_id	RHSA-2019:3196
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3196

reference_url	https://access.redhat.com/errata/RHSA-2019:3210
reference_id	RHSA-2019:3210
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3210

reference_url	https://access.redhat.com/errata/RHSA-2019:3237
reference_id	RHSA-2019:3237
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3237

reference_url	https://access.redhat.com/errata/RHSA-2019:3281
reference_id	RHSA-2019:3281
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3281

reference_url	https://access.redhat.com/errata/RHSA-2019:3756
reference_id	RHSA-2019:3756
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3756

fixed_packages

url	pkg:apk/alpine/firefox@70.0-r0?arch=x86_64&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/firefox@70.0-r0?arch=x86_64&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@70.0-r0%3Farch=x86_64&distroversion=v3.18&reponame=community

aliases CVE-2019-11763

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nnt4-kek2-w7dd

url VCID-ssve-9dr8-xfbc

vulnerability_id VCID-ssve-9dr8-xfbc

summary If upgrade-insecure-requests was specified in the Content Security Policy, and a link was dragged and dropped from that page, the link was not upgraded to https.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-17002

reference_id

reference_type

scores

value	0.00186
scoring_system	epss
scoring_elements	0.40151
published_at	2026-06-04T12:55:00Z

value	0.00186
scoring_system	epss
scoring_elements	0.40234
published_at	2026-06-05T12:55:00Z

value	0.00186
scoring_system	epss
scoring_elements	0.40237
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-17002

reference_url	https://security.archlinux.org/ASA-201910-16
reference_id	ASA-201910-16
reference_type
scores
url	https://security.archlinux.org/ASA-201910-16

reference_url

https://security.archlinux.org/AVG-1055

reference_id

AVG-1055

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1055

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-34

reference_id

mfsa2019-34

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-34

fixed_packages

url	pkg:apk/alpine/firefox@70.0-r0?arch=x86_64&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/firefox@70.0-r0?arch=x86_64&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@70.0-r0%3Farch=x86_64&distroversion=v3.18&reponame=community

aliases CVE-2019-17002

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ssve-9dr8-xfbc

url VCID-ukhg-vp41-z3dr

vulnerability_id VCID-ukhg-vp41-z3dr

summary An object tag with a data URI did not correctly inherit the document's Content Security Policy. This allowed a CSP bypass in a cross-origin frame if the document's policy explicitly allowed data: URIs.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-17000

reference_id

reference_type

scores

value	0.00163
scoring_system	epss
scoring_elements	0.37019
published_at	2026-06-04T12:55:00Z

value	0.00163
scoring_system	epss
scoring_elements	0.3711
published_at	2026-06-05T12:55:00Z

value	0.00163
scoring_system	epss
scoring_elements	0.37117
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-17000

reference_url	https://security.archlinux.org/ASA-201910-16
reference_id	ASA-201910-16
reference_type
scores
url	https://security.archlinux.org/ASA-201910-16

reference_url

https://security.archlinux.org/AVG-1055

reference_id

AVG-1055

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1055

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-34

reference_id

mfsa2019-34

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-34

fixed_packages

url	pkg:apk/alpine/firefox@70.0-r0?arch=x86_64&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/firefox@70.0-r0?arch=x86_64&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@70.0-r0%3Farch=x86_64&distroversion=v3.18&reponame=community

aliases CVE-2019-17000

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ukhg-vp41-z3dr

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox@70.0-r0%3Farch=x86_64&distroversion=v3.18&reponame=community

Package Instance