Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/thunderbird@102.8.0-2?arch=el9_1

Type rpm

Namespace redhat

Name thunderbird

Version 102.8.0-2

Qualifiers

arch	el9_1

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url

VCID-2hsy-7yvg-27fb

vulnerability_id

VCID-2hsy-7yvg-27fb

summary

Module load requests that failed were not being checked as to whether or not they were cancelled causing a use-after-free in <code>ScriptLoadContext</code>. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25739.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25739.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-25739

reference_id

reference_type

scores

value	0.00208
scoring_system	epss
scoring_elements	0.43412
published_at	2026-06-14T12:55:00Z

value	0.00208
scoring_system	epss
scoring_elements	0.43245
published_at	2026-06-11T12:55:00Z

value	0.00208
scoring_system	epss
scoring_elements	0.43401
published_at	2026-06-12T12:55:00Z

value	0.00208
scoring_system	epss
scoring_elements	0.43421
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-25739

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2170381
reference_id	2170381
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2170381

reference_url	https://security.gentoo.org/glsa/202305-35
reference_id	GLSA-202305-35
reference_type
scores
url	https://security.gentoo.org/glsa/202305-35

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-05

reference_id

mfsa2023-05

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-05

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-05/

reference_id

mfsa2023-05

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:05:46Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-05/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-06

reference_id

mfsa2023-06

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-06

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-06/

reference_id

mfsa2023-06

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:05:46Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-06/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-07

reference_id

mfsa2023-07

reference_type

scores

value	low
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-07

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-07/

reference_id

mfsa2023-07

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:05:46Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-07/

reference_url	https://access.redhat.com/errata/RHSA-2023:0805
reference_id	RHSA-2023:0805
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0805

reference_url	https://access.redhat.com/errata/RHSA-2023:0806
reference_id	RHSA-2023:0806
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0806

reference_url	https://access.redhat.com/errata/RHSA-2023:0807
reference_id	RHSA-2023:0807
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0807

reference_url	https://access.redhat.com/errata/RHSA-2023:0808
reference_id	RHSA-2023:0808
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0808

reference_url	https://access.redhat.com/errata/RHSA-2023:0809
reference_id	RHSA-2023:0809
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0809

reference_url	https://access.redhat.com/errata/RHSA-2023:0810
reference_id	RHSA-2023:0810
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0810

reference_url	https://access.redhat.com/errata/RHSA-2023:0811
reference_id	RHSA-2023:0811
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0811

reference_url	https://access.redhat.com/errata/RHSA-2023:0812
reference_id	RHSA-2023:0812
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0812

reference_url	https://access.redhat.com/errata/RHSA-2023:0817
reference_id	RHSA-2023:0817
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0817

reference_url	https://access.redhat.com/errata/RHSA-2023:0818
reference_id	RHSA-2023:0818
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0818

reference_url	https://access.redhat.com/errata/RHSA-2023:0819
reference_id	RHSA-2023:0819
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0819

reference_url	https://access.redhat.com/errata/RHSA-2023:0820
reference_id	RHSA-2023:0820
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0820

reference_url	https://access.redhat.com/errata/RHSA-2023:0821
reference_id	RHSA-2023:0821
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0821

reference_url	https://access.redhat.com/errata/RHSA-2023:0822
reference_id	RHSA-2023:0822
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0822

reference_url	https://access.redhat.com/errata/RHSA-2023:0823
reference_id	RHSA-2023:0823
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0823

reference_url	https://access.redhat.com/errata/RHSA-2023:0824
reference_id	RHSA-2023:0824
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0824

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1811939

reference_id

show_bug.cgi?id=1811939

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:05:46Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1811939

reference_url	https://usn.ubuntu.com/5880-1/
reference_id	USN-5880-1
reference_type
scores
url	https://usn.ubuntu.com/5880-1/

reference_url	https://usn.ubuntu.com/5943-1/
reference_id	USN-5943-1
reference_type
scores
url	https://usn.ubuntu.com/5943-1/

reference_url	https://usn.ubuntu.com/6120-1/
reference_id	USN-6120-1
reference_type
scores
url	https://usn.ubuntu.com/6120-1/

fixed_packages

aliases

CVE-2023-25739

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-2hsy-7yvg-27fb

url

VCID-2uhf-ar3k-4qdr

vulnerability_id

VCID-2uhf-ar3k-4qdr

summary

When importing a SPKI RSA public key as ECDSA P-256, the key would be handled incorrectly causing the tab to crash. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25742.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25742.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-25742

reference_id

reference_type

scores

value	0.00124
scoring_system	epss
scoring_elements	0.31384
published_at	2026-06-12T12:55:00Z

value	0.00124
scoring_system	epss
scoring_elements	0.31383
published_at	2026-06-14T12:55:00Z

value	0.00124
scoring_system	epss
scoring_elements	0.31402
published_at	2026-06-13T12:55:00Z

value	0.00124
scoring_system	epss
scoring_elements	0.31191
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-25742

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2170390
reference_id	2170390
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2170390

reference_url	https://security.gentoo.org/glsa/202305-35
reference_id	GLSA-202305-35
reference_type
scores
url	https://security.gentoo.org/glsa/202305-35

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-05

reference_id

mfsa2023-05

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-05

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-05/

reference_id

mfsa2023-05

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:15:37Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-05/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-06

reference_id

mfsa2023-06

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-06

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-06/

reference_id

mfsa2023-06

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:15:37Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-06/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-07

reference_id

mfsa2023-07

reference_type

scores

value	low
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-07

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-07/

reference_id

mfsa2023-07

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:15:37Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-07/

reference_url	https://access.redhat.com/errata/RHSA-2023:0805
reference_id	RHSA-2023:0805
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0805

reference_url	https://access.redhat.com/errata/RHSA-2023:0806
reference_id	RHSA-2023:0806
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0806

reference_url	https://access.redhat.com/errata/RHSA-2023:0807
reference_id	RHSA-2023:0807
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0807

reference_url	https://access.redhat.com/errata/RHSA-2023:0808
reference_id	RHSA-2023:0808
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0808

reference_url	https://access.redhat.com/errata/RHSA-2023:0809
reference_id	RHSA-2023:0809
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0809

reference_url	https://access.redhat.com/errata/RHSA-2023:0810
reference_id	RHSA-2023:0810
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0810

reference_url	https://access.redhat.com/errata/RHSA-2023:0811
reference_id	RHSA-2023:0811
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0811

reference_url	https://access.redhat.com/errata/RHSA-2023:0812
reference_id	RHSA-2023:0812
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0812

reference_url	https://access.redhat.com/errata/RHSA-2023:0817
reference_id	RHSA-2023:0817
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0817

reference_url	https://access.redhat.com/errata/RHSA-2023:0818
reference_id	RHSA-2023:0818
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0818

reference_url	https://access.redhat.com/errata/RHSA-2023:0819
reference_id	RHSA-2023:0819
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0819

reference_url	https://access.redhat.com/errata/RHSA-2023:0820
reference_id	RHSA-2023:0820
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0820

reference_url	https://access.redhat.com/errata/RHSA-2023:0821
reference_id	RHSA-2023:0821
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0821

reference_url	https://access.redhat.com/errata/RHSA-2023:0822
reference_id	RHSA-2023:0822
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0822

reference_url	https://access.redhat.com/errata/RHSA-2023:0823
reference_id	RHSA-2023:0823
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0823

reference_url	https://access.redhat.com/errata/RHSA-2023:0824
reference_id	RHSA-2023:0824
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0824

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1813424

reference_id

show_bug.cgi?id=1813424

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:15:37Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1813424

reference_url	https://usn.ubuntu.com/5880-1/
reference_id	USN-5880-1
reference_type
scores
url	https://usn.ubuntu.com/5880-1/

reference_url	https://usn.ubuntu.com/5943-1/
reference_id	USN-5943-1
reference_type
scores
url	https://usn.ubuntu.com/5943-1/

fixed_packages

aliases

CVE-2023-25742

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-2uhf-ar3k-4qdr

url

VCID-5a3y-radv-j7e3

vulnerability_id

VCID-5a3y-radv-j7e3

summary

Memory safety bugs present in Firefox ESR 102.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 102.8 and Firefox ESR < 102.8.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25746.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25746.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-25746

reference_id

reference_type

scores

value	0.00145
scoring_system	epss
scoring_elements	0.34849
published_at	2026-06-14T12:55:00Z

value	0.00145
scoring_system	epss
scoring_elements	0.34666
published_at	2026-06-11T12:55:00Z

value	0.00145
scoring_system	epss
scoring_elements	0.34844
published_at	2026-06-12T12:55:00Z

value	0.00145
scoring_system	epss
scoring_elements	0.34868
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-25746

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2170402
reference_id	2170402
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2170402

reference_url

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1544127%2C1762368

reference_id

buglist.cgi?bug_id=1544127%2C1762368

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T19:10:21Z/

url

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1544127%2C1762368

reference_url	https://security.gentoo.org/glsa/202305-35
reference_id	GLSA-202305-35
reference_type
scores
url	https://security.gentoo.org/glsa/202305-35

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-06

reference_id

mfsa2023-06

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-06

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-06/

reference_id

mfsa2023-06

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T19:10:21Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-06/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-07

reference_id

mfsa2023-07

reference_type

scores

value	low
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-07

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-07/

reference_id

mfsa2023-07

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T19:10:21Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-07/

reference_url	https://access.redhat.com/errata/RHSA-2023:0805
reference_id	RHSA-2023:0805
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0805

reference_url	https://access.redhat.com/errata/RHSA-2023:0806
reference_id	RHSA-2023:0806
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0806

reference_url	https://access.redhat.com/errata/RHSA-2023:0807
reference_id	RHSA-2023:0807
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0807

reference_url	https://access.redhat.com/errata/RHSA-2023:0808
reference_id	RHSA-2023:0808
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0808

reference_url	https://access.redhat.com/errata/RHSA-2023:0809
reference_id	RHSA-2023:0809
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0809

reference_url	https://access.redhat.com/errata/RHSA-2023:0810
reference_id	RHSA-2023:0810
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0810

reference_url	https://access.redhat.com/errata/RHSA-2023:0811
reference_id	RHSA-2023:0811
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0811

reference_url	https://access.redhat.com/errata/RHSA-2023:0812
reference_id	RHSA-2023:0812
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0812

reference_url	https://access.redhat.com/errata/RHSA-2023:0817
reference_id	RHSA-2023:0817
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0817

reference_url	https://access.redhat.com/errata/RHSA-2023:0818
reference_id	RHSA-2023:0818
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0818

reference_url	https://access.redhat.com/errata/RHSA-2023:0819
reference_id	RHSA-2023:0819
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0819

reference_url	https://access.redhat.com/errata/RHSA-2023:0820
reference_id	RHSA-2023:0820
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0820

reference_url	https://access.redhat.com/errata/RHSA-2023:0821
reference_id	RHSA-2023:0821
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0821

reference_url	https://access.redhat.com/errata/RHSA-2023:0822
reference_id	RHSA-2023:0822
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0822

reference_url	https://access.redhat.com/errata/RHSA-2023:0823
reference_id	RHSA-2023:0823
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0823

reference_url	https://access.redhat.com/errata/RHSA-2023:0824
reference_id	RHSA-2023:0824
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0824

reference_url	https://usn.ubuntu.com/5943-1/
reference_id	USN-5943-1
reference_type
scores
url	https://usn.ubuntu.com/5943-1/

fixed_packages

aliases

CVE-2023-25746

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-5a3y-radv-j7e3

url

VCID-78jx-q4zz-aba1

vulnerability_id

VCID-78jx-q4zz-aba1

summary

Mmemory safety bugs present in Firefox 109 and Firefox ESR 102.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 110 and Firefox ESR < 102.8.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25744.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25744.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-25744

reference_id

reference_type

scores

value	0.00145
scoring_system	epss
scoring_elements	0.34849
published_at	2026-06-14T12:55:00Z

value	0.00145
scoring_system	epss
scoring_elements	0.34844
published_at	2026-06-12T12:55:00Z

value	0.00145
scoring_system	epss
scoring_elements	0.34666
published_at	2026-06-11T12:55:00Z

value	0.00145
scoring_system	epss
scoring_elements	0.34868
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-25744

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2170391
reference_id	2170391
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2170391

reference_url

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1789449%2C1803628%2C1810536

reference_id

buglist.cgi?bug_id=1789449%2C1803628%2C1810536

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:10:45Z/

url

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1789449%2C1803628%2C1810536

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-05

reference_id

mfsa2023-05

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-05

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-05/

reference_id

mfsa2023-05

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:10:45Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-05/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-06

reference_id

mfsa2023-06

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-06

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-06/

reference_id

mfsa2023-06

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:10:45Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-06/

reference_url	https://access.redhat.com/errata/RHSA-2023:0805
reference_id	RHSA-2023:0805
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0805

reference_url	https://access.redhat.com/errata/RHSA-2023:0806
reference_id	RHSA-2023:0806
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0806

reference_url	https://access.redhat.com/errata/RHSA-2023:0807
reference_id	RHSA-2023:0807
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0807

reference_url	https://access.redhat.com/errata/RHSA-2023:0808
reference_id	RHSA-2023:0808
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0808

reference_url	https://access.redhat.com/errata/RHSA-2023:0809
reference_id	RHSA-2023:0809
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0809

reference_url	https://access.redhat.com/errata/RHSA-2023:0810
reference_id	RHSA-2023:0810
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0810

reference_url	https://access.redhat.com/errata/RHSA-2023:0811
reference_id	RHSA-2023:0811
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0811

reference_url	https://access.redhat.com/errata/RHSA-2023:0812
reference_id	RHSA-2023:0812
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0812

reference_url	https://access.redhat.com/errata/RHSA-2023:0817
reference_id	RHSA-2023:0817
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0817

reference_url	https://access.redhat.com/errata/RHSA-2023:0818
reference_id	RHSA-2023:0818
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0818

reference_url	https://access.redhat.com/errata/RHSA-2023:0819
reference_id	RHSA-2023:0819
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0819

reference_url	https://access.redhat.com/errata/RHSA-2023:0820
reference_id	RHSA-2023:0820
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0820

reference_url	https://access.redhat.com/errata/RHSA-2023:0821
reference_id	RHSA-2023:0821
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0821

reference_url	https://access.redhat.com/errata/RHSA-2023:0822
reference_id	RHSA-2023:0822
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0822

reference_url	https://access.redhat.com/errata/RHSA-2023:0823
reference_id	RHSA-2023:0823
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0823

reference_url	https://access.redhat.com/errata/RHSA-2023:0824
reference_id	RHSA-2023:0824
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0824

reference_url	https://usn.ubuntu.com/5880-1/
reference_id	USN-5880-1
reference_type
scores
url	https://usn.ubuntu.com/5880-1/

fixed_packages

aliases

CVE-2023-25744

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-78jx-q4zz-aba1

url

VCID-akxy-w512-qqe9

vulnerability_id

VCID-akxy-w512-qqe9

summary

The <code>Content-Security-Policy-Report-Only</code> header could allow an attacker to leak a child iframe's unredacted URI when interaction with that iframe triggers a redirect. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25728.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25728.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-25728

reference_id

reference_type

scores

value	0.00201
scoring_system	epss
scoring_elements	0.42322
published_at	2026-06-14T12:55:00Z

value	0.00201
scoring_system	epss
scoring_elements	0.42146
published_at	2026-06-11T12:55:00Z

value	0.00201
scoring_system	epss
scoring_elements	0.42311
published_at	2026-06-12T12:55:00Z

value	0.00201
scoring_system	epss
scoring_elements	0.42333
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-25728

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2170374
reference_id	2170374
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2170374

reference_url	https://security.gentoo.org/glsa/202305-35
reference_id	GLSA-202305-35
reference_type
scores
url	https://security.gentoo.org/glsa/202305-35

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-05

reference_id

mfsa2023-05

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-05

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-05/

reference_id

mfsa2023-05

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T17:40:01Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-05/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-06

reference_id

mfsa2023-06

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-06

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-06/

reference_id

mfsa2023-06

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T17:40:01Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-06/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-07

reference_id

mfsa2023-07

reference_type

scores

value	low
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-07

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-07/

reference_id

mfsa2023-07

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T17:40:01Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-07/

reference_url	https://access.redhat.com/errata/RHSA-2023:0805
reference_id	RHSA-2023:0805
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0805

reference_url	https://access.redhat.com/errata/RHSA-2023:0806
reference_id	RHSA-2023:0806
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0806

reference_url	https://access.redhat.com/errata/RHSA-2023:0807
reference_id	RHSA-2023:0807
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0807

reference_url	https://access.redhat.com/errata/RHSA-2023:0808
reference_id	RHSA-2023:0808
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0808

reference_url	https://access.redhat.com/errata/RHSA-2023:0809
reference_id	RHSA-2023:0809
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0809

reference_url	https://access.redhat.com/errata/RHSA-2023:0810
reference_id	RHSA-2023:0810
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0810

reference_url	https://access.redhat.com/errata/RHSA-2023:0811
reference_id	RHSA-2023:0811
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0811

reference_url	https://access.redhat.com/errata/RHSA-2023:0812
reference_id	RHSA-2023:0812
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0812

reference_url	https://access.redhat.com/errata/RHSA-2023:0817
reference_id	RHSA-2023:0817
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0817

reference_url	https://access.redhat.com/errata/RHSA-2023:0818
reference_id	RHSA-2023:0818
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0818

reference_url	https://access.redhat.com/errata/RHSA-2023:0819
reference_id	RHSA-2023:0819
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0819

reference_url	https://access.redhat.com/errata/RHSA-2023:0820
reference_id	RHSA-2023:0820
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0820

reference_url	https://access.redhat.com/errata/RHSA-2023:0821
reference_id	RHSA-2023:0821
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0821

reference_url	https://access.redhat.com/errata/RHSA-2023:0822
reference_id	RHSA-2023:0822
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0822

reference_url	https://access.redhat.com/errata/RHSA-2023:0823
reference_id	RHSA-2023:0823
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0823

reference_url	https://access.redhat.com/errata/RHSA-2023:0824
reference_id	RHSA-2023:0824
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0824

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1790345

reference_id

show_bug.cgi?id=1790345

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T17:40:01Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1790345

reference_url	https://usn.ubuntu.com/5880-1/
reference_id	USN-5880-1
reference_type
scores
url	https://usn.ubuntu.com/5880-1/

reference_url	https://usn.ubuntu.com/5943-1/
reference_id	USN-5943-1
reference_type
scores
url	https://usn.ubuntu.com/5943-1/

fixed_packages

aliases

CVE-2023-25728

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-akxy-w512-qqe9

url

VCID-cjyk-amwj-7kf7

vulnerability_id

VCID-cjyk-amwj-7kf7

summary

An invalid downcast from <code>nsTextNode</code> to <code>SVGElement</code> could have lead to undefined behavior. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25737.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25737.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-25737

reference_id

reference_type

scores

value	0.00172
scoring_system	epss
scoring_elements	0.38446
published_at	2026-06-14T12:55:00Z

value	0.00172
scoring_system	epss
scoring_elements	0.3826
published_at	2026-06-11T12:55:00Z

value	0.00172
scoring_system	epss
scoring_elements	0.38434
published_at	2026-06-12T12:55:00Z

value	0.00172
scoring_system	epss
scoring_elements	0.38457
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-25737

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2170379
reference_id	2170379
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2170379

reference_url	https://security.gentoo.org/glsa/202305-35
reference_id	GLSA-202305-35
reference_type
scores
url	https://security.gentoo.org/glsa/202305-35

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-05

reference_id

mfsa2023-05

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-05

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-05/

reference_id

mfsa2023-05

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:10:49Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-05/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-06

reference_id

mfsa2023-06

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-06

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-06/

reference_id

mfsa2023-06

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:10:49Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-06/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-07

reference_id

mfsa2023-07

reference_type

scores

value	low
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-07

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-07/

reference_id

mfsa2023-07

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:10:49Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-07/

reference_url	https://access.redhat.com/errata/RHSA-2023:0805
reference_id	RHSA-2023:0805
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0805

reference_url	https://access.redhat.com/errata/RHSA-2023:0806
reference_id	RHSA-2023:0806
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0806

reference_url	https://access.redhat.com/errata/RHSA-2023:0807
reference_id	RHSA-2023:0807
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0807

reference_url	https://access.redhat.com/errata/RHSA-2023:0808
reference_id	RHSA-2023:0808
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0808

reference_url	https://access.redhat.com/errata/RHSA-2023:0809
reference_id	RHSA-2023:0809
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0809

reference_url	https://access.redhat.com/errata/RHSA-2023:0810
reference_id	RHSA-2023:0810
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0810

reference_url	https://access.redhat.com/errata/RHSA-2023:0811
reference_id	RHSA-2023:0811
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0811

reference_url	https://access.redhat.com/errata/RHSA-2023:0812
reference_id	RHSA-2023:0812
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0812

reference_url	https://access.redhat.com/errata/RHSA-2023:0817
reference_id	RHSA-2023:0817
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0817

reference_url	https://access.redhat.com/errata/RHSA-2023:0818
reference_id	RHSA-2023:0818
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0818

reference_url	https://access.redhat.com/errata/RHSA-2023:0819
reference_id	RHSA-2023:0819
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0819

reference_url	https://access.redhat.com/errata/RHSA-2023:0820
reference_id	RHSA-2023:0820
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0820

reference_url	https://access.redhat.com/errata/RHSA-2023:0821
reference_id	RHSA-2023:0821
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0821

reference_url	https://access.redhat.com/errata/RHSA-2023:0822
reference_id	RHSA-2023:0822
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0822

reference_url	https://access.redhat.com/errata/RHSA-2023:0823
reference_id	RHSA-2023:0823
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0823

reference_url	https://access.redhat.com/errata/RHSA-2023:0824
reference_id	RHSA-2023:0824
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0824

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1811464

reference_id

show_bug.cgi?id=1811464

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:10:49Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1811464

reference_url	https://usn.ubuntu.com/5880-1/
reference_id	USN-5880-1
reference_type
scores
url	https://usn.ubuntu.com/5880-1/

reference_url	https://usn.ubuntu.com/5943-1/
reference_id	USN-5943-1
reference_type
scores
url	https://usn.ubuntu.com/5943-1/

fixed_packages

aliases

CVE-2023-25737

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-cjyk-amwj-7kf7

url

VCID-mqd7-aqzz-9kbt

vulnerability_id

VCID-mqd7-aqzz-9kbt

summary

Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free after unwrapping the proxy. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25735.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25735.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-25735

reference_id

reference_type

scores

value	0.00166
scoring_system	epss
scoring_elements	0.37654
published_at	2026-06-14T12:55:00Z

value	0.00166
scoring_system	epss
scoring_elements	0.37466
published_at	2026-06-11T12:55:00Z

value	0.00166
scoring_system	epss
scoring_elements	0.37643
published_at	2026-06-12T12:55:00Z

value	0.00166
scoring_system	epss
scoring_elements	0.37667
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-25735

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2170378
reference_id	2170378
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2170378

reference_url	https://security.gentoo.org/glsa/202305-35
reference_id	GLSA-202305-35
reference_type
scores
url	https://security.gentoo.org/glsa/202305-35

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-05

reference_id

mfsa2023-05

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-05

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-05/

reference_id

mfsa2023-05

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:20Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-05/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-06

reference_id

mfsa2023-06

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-06

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-06/

reference_id

mfsa2023-06

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:20Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-06/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-07

reference_id

mfsa2023-07

reference_type

scores

value	low
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-07

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-07/

reference_id

mfsa2023-07

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:20Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-07/

reference_url	https://access.redhat.com/errata/RHSA-2023:0805
reference_id	RHSA-2023:0805
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0805

reference_url	https://access.redhat.com/errata/RHSA-2023:0806
reference_id	RHSA-2023:0806
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0806

reference_url	https://access.redhat.com/errata/RHSA-2023:0807
reference_id	RHSA-2023:0807
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0807

reference_url	https://access.redhat.com/errata/RHSA-2023:0808
reference_id	RHSA-2023:0808
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0808

reference_url	https://access.redhat.com/errata/RHSA-2023:0809
reference_id	RHSA-2023:0809
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0809

reference_url	https://access.redhat.com/errata/RHSA-2023:0810
reference_id	RHSA-2023:0810
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0810

reference_url	https://access.redhat.com/errata/RHSA-2023:0811
reference_id	RHSA-2023:0811
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0811

reference_url	https://access.redhat.com/errata/RHSA-2023:0812
reference_id	RHSA-2023:0812
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0812

reference_url	https://access.redhat.com/errata/RHSA-2023:0817
reference_id	RHSA-2023:0817
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0817

reference_url	https://access.redhat.com/errata/RHSA-2023:0818
reference_id	RHSA-2023:0818
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0818

reference_url	https://access.redhat.com/errata/RHSA-2023:0819
reference_id	RHSA-2023:0819
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0819

reference_url	https://access.redhat.com/errata/RHSA-2023:0820
reference_id	RHSA-2023:0820
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0820

reference_url	https://access.redhat.com/errata/RHSA-2023:0821
reference_id	RHSA-2023:0821
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0821

reference_url	https://access.redhat.com/errata/RHSA-2023:0822
reference_id	RHSA-2023:0822
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0822

reference_url	https://access.redhat.com/errata/RHSA-2023:0823
reference_id	RHSA-2023:0823
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0823

reference_url	https://access.redhat.com/errata/RHSA-2023:0824
reference_id	RHSA-2023:0824
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0824

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1810711

reference_id

show_bug.cgi?id=1810711

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:20Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1810711

reference_url	https://usn.ubuntu.com/5880-1/
reference_id	USN-5880-1
reference_type
scores
url	https://usn.ubuntu.com/5880-1/

reference_url	https://usn.ubuntu.com/5943-1/
reference_id	USN-5943-1
reference_type
scores
url	https://usn.ubuntu.com/5943-1/

reference_url	https://usn.ubuntu.com/6120-1/
reference_id	USN-6120-1
reference_type
scores
url	https://usn.ubuntu.com/6120-1/

fixed_packages

aliases

CVE-2023-25735

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-mqd7-aqzz-9kbt

url

VCID-pwn9-e1hx-aybg

vulnerability_id

VCID-pwn9-e1hx-aybg

summary

A lack of in app notification for entering fullscreen mode could have lead to a malicious website spoofing browser chrome.<br>*This bug only affects Firefox Focus. Other versions of Firefox are unaffected.*. This vulnerability affects Firefox < 110 and Firefox ESR < 102.8.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25743.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25743.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-25743

reference_id

reference_type

scores

value	0.00084
scoring_system	epss
scoring_elements	0.24714
published_at	2026-06-14T12:55:00Z

value	0.00084
scoring_system	epss
scoring_elements	0.24522
published_at	2026-06-11T12:55:00Z

value	0.00084
scoring_system	epss
scoring_elements	0.24718
published_at	2026-06-12T12:55:00Z

value	0.00084
scoring_system	epss
scoring_elements	0.24729
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-25743

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2170376
reference_id	2170376
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2170376

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-05

reference_id

mfsa2023-05

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-05

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-05/

reference_id

mfsa2023-05

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:12:53Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-05/

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-06/

reference_id

mfsa2023-06

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:12:53Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-06/

reference_url	https://access.redhat.com/errata/RHSA-2023:0805
reference_id	RHSA-2023:0805
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0805

reference_url	https://access.redhat.com/errata/RHSA-2023:0806
reference_id	RHSA-2023:0806
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0806

reference_url	https://access.redhat.com/errata/RHSA-2023:0807
reference_id	RHSA-2023:0807
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0807

reference_url	https://access.redhat.com/errata/RHSA-2023:0808
reference_id	RHSA-2023:0808
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0808

reference_url	https://access.redhat.com/errata/RHSA-2023:0809
reference_id	RHSA-2023:0809
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0809

reference_url	https://access.redhat.com/errata/RHSA-2023:0810
reference_id	RHSA-2023:0810
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0810

reference_url	https://access.redhat.com/errata/RHSA-2023:0811
reference_id	RHSA-2023:0811
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0811

reference_url	https://access.redhat.com/errata/RHSA-2023:0812
reference_id	RHSA-2023:0812
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0812

reference_url	https://access.redhat.com/errata/RHSA-2023:0817
reference_id	RHSA-2023:0817
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0817

reference_url	https://access.redhat.com/errata/RHSA-2023:0818
reference_id	RHSA-2023:0818
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0818

reference_url	https://access.redhat.com/errata/RHSA-2023:0819
reference_id	RHSA-2023:0819
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0819

reference_url	https://access.redhat.com/errata/RHSA-2023:0820
reference_id	RHSA-2023:0820
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0820

reference_url	https://access.redhat.com/errata/RHSA-2023:0821
reference_id	RHSA-2023:0821
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0821

reference_url	https://access.redhat.com/errata/RHSA-2023:0822
reference_id	RHSA-2023:0822
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0822

reference_url	https://access.redhat.com/errata/RHSA-2023:0823
reference_id	RHSA-2023:0823
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0823

reference_url	https://access.redhat.com/errata/RHSA-2023:0824
reference_id	RHSA-2023:0824
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0824

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1800203

reference_id

show_bug.cgi?id=1800203

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:12:53Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1800203

fixed_packages

aliases

CVE-2023-25743

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-pwn9-e1hx-aybg

url

VCID-ruvd-z97u-xfbf

vulnerability_id

VCID-ruvd-z97u-xfbf

summary

Permission prompts for opening external schemes were only shown for <code>ContentPrincipals</code> resulting in extensions being able to open them without user interaction via <code>ExpandedPrincipals</code>. This could lead to further malicious actions such as downloading files or interacting with software already installed on the system. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25729.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25729.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-25729

reference_id

reference_type

scores

value	0.00124
scoring_system	epss
scoring_elements	0.31285
published_at	2026-06-14T12:55:00Z

value	0.00124
scoring_system	epss
scoring_elements	0.31094
published_at	2026-06-11T12:55:00Z

value	0.00124
scoring_system	epss
scoring_elements	0.31289
published_at	2026-06-12T12:55:00Z

value	0.00124
scoring_system	epss
scoring_elements	0.31303
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-25729

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2170382
reference_id	2170382
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2170382

reference_url	https://security.gentoo.org/glsa/202305-35
reference_id	GLSA-202305-35
reference_type
scores
url	https://security.gentoo.org/glsa/202305-35

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-05

reference_id

mfsa2023-05

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-05

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-05/

reference_id

mfsa2023-05

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-10T17:35:34Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-05/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-06

reference_id

mfsa2023-06

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-06

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-06/

reference_id

mfsa2023-06

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-10T17:35:34Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-06/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-07

reference_id

mfsa2023-07

reference_type

scores

value	low
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-07

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-07/

reference_id

mfsa2023-07

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-10T17:35:34Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-07/

reference_url	https://access.redhat.com/errata/RHSA-2023:0805
reference_id	RHSA-2023:0805
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0805

reference_url	https://access.redhat.com/errata/RHSA-2023:0806
reference_id	RHSA-2023:0806
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0806

reference_url	https://access.redhat.com/errata/RHSA-2023:0807
reference_id	RHSA-2023:0807
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0807

reference_url	https://access.redhat.com/errata/RHSA-2023:0808
reference_id	RHSA-2023:0808
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0808

reference_url	https://access.redhat.com/errata/RHSA-2023:0809
reference_id	RHSA-2023:0809
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0809

reference_url	https://access.redhat.com/errata/RHSA-2023:0810
reference_id	RHSA-2023:0810
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0810

reference_url	https://access.redhat.com/errata/RHSA-2023:0811
reference_id	RHSA-2023:0811
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0811

reference_url	https://access.redhat.com/errata/RHSA-2023:0812
reference_id	RHSA-2023:0812
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0812

reference_url	https://access.redhat.com/errata/RHSA-2023:0817
reference_id	RHSA-2023:0817
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0817

reference_url	https://access.redhat.com/errata/RHSA-2023:0818
reference_id	RHSA-2023:0818
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0818

reference_url	https://access.redhat.com/errata/RHSA-2023:0819
reference_id	RHSA-2023:0819
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0819

reference_url	https://access.redhat.com/errata/RHSA-2023:0820
reference_id	RHSA-2023:0820
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0820

reference_url	https://access.redhat.com/errata/RHSA-2023:0821
reference_id	RHSA-2023:0821
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0821

reference_url	https://access.redhat.com/errata/RHSA-2023:0822
reference_id	RHSA-2023:0822
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0822

reference_url	https://access.redhat.com/errata/RHSA-2023:0823
reference_id	RHSA-2023:0823
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0823

reference_url	https://access.redhat.com/errata/RHSA-2023:0824
reference_id	RHSA-2023:0824
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0824

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1792138

reference_id

show_bug.cgi?id=1792138

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-10T17:35:34Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1792138

reference_url	https://usn.ubuntu.com/5880-1/
reference_id	USN-5880-1
reference_type
scores
url	https://usn.ubuntu.com/5880-1/

reference_url	https://usn.ubuntu.com/5943-1/
reference_id	USN-5943-1
reference_type
scores
url	https://usn.ubuntu.com/5943-1/

fixed_packages

aliases

CVE-2023-25729

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-ruvd-z97u-xfbf

url

VCID-t4a9-4um6-m3az

vulnerability_id

VCID-t4a9-4um6-m3az

summary

When encoding data from an <code>inputStream</code> in <code>xpcom</code> the size of the input being encoded was not correctly calculated potentially leading to an out of bounds memory write. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25732.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25732.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-25732

reference_id

reference_type

scores

value	0.00153
scoring_system	epss
scoring_elements	0.3592
published_at	2026-06-14T12:55:00Z

value	0.00153
scoring_system	epss
scoring_elements	0.3573
published_at	2026-06-11T12:55:00Z

value	0.00153
scoring_system	epss
scoring_elements	0.3591
published_at	2026-06-12T12:55:00Z

value	0.00153
scoring_system	epss
scoring_elements	0.35933
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-25732

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2170383
reference_id	2170383
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2170383

reference_url	https://security.gentoo.org/glsa/202305-35
reference_id	GLSA-202305-35
reference_type
scores
url	https://security.gentoo.org/glsa/202305-35

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-05

reference_id

mfsa2023-05

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-05

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-05/

reference_id

mfsa2023-05

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T21:12:13Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-05/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-06

reference_id

mfsa2023-06

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-06

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-06/

reference_id

mfsa2023-06

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T21:12:13Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-06/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-07

reference_id

mfsa2023-07

reference_type

scores

value	low
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-07

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-07/

reference_id

mfsa2023-07

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T21:12:13Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-07/

reference_url	https://access.redhat.com/errata/RHSA-2023:0805
reference_id	RHSA-2023:0805
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0805

reference_url	https://access.redhat.com/errata/RHSA-2023:0806
reference_id	RHSA-2023:0806
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0806

reference_url	https://access.redhat.com/errata/RHSA-2023:0807
reference_id	RHSA-2023:0807
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0807

reference_url	https://access.redhat.com/errata/RHSA-2023:0808
reference_id	RHSA-2023:0808
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0808

reference_url	https://access.redhat.com/errata/RHSA-2023:0809
reference_id	RHSA-2023:0809
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0809

reference_url	https://access.redhat.com/errata/RHSA-2023:0810
reference_id	RHSA-2023:0810
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0810

reference_url	https://access.redhat.com/errata/RHSA-2023:0811
reference_id	RHSA-2023:0811
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0811

reference_url	https://access.redhat.com/errata/RHSA-2023:0812
reference_id	RHSA-2023:0812
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0812

reference_url	https://access.redhat.com/errata/RHSA-2023:0817
reference_id	RHSA-2023:0817
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0817

reference_url	https://access.redhat.com/errata/RHSA-2023:0818
reference_id	RHSA-2023:0818
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0818

reference_url	https://access.redhat.com/errata/RHSA-2023:0819
reference_id	RHSA-2023:0819
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0819

reference_url	https://access.redhat.com/errata/RHSA-2023:0820
reference_id	RHSA-2023:0820
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0820

reference_url	https://access.redhat.com/errata/RHSA-2023:0821
reference_id	RHSA-2023:0821
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0821

reference_url	https://access.redhat.com/errata/RHSA-2023:0822
reference_id	RHSA-2023:0822
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0822

reference_url	https://access.redhat.com/errata/RHSA-2023:0823
reference_id	RHSA-2023:0823
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0823

reference_url	https://access.redhat.com/errata/RHSA-2023:0824
reference_id	RHSA-2023:0824
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0824

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1804564

reference_id

show_bug.cgi?id=1804564

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T21:12:13Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1804564

reference_url	https://usn.ubuntu.com/5880-1/
reference_id	USN-5880-1
reference_type
scores
url	https://usn.ubuntu.com/5880-1/

reference_url	https://usn.ubuntu.com/5943-1/
reference_id	USN-5943-1
reference_type
scores
url	https://usn.ubuntu.com/5943-1/

fixed_packages

aliases

CVE-2023-25732

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-t4a9-4um6-m3az

url

VCID-u6u8-qjr6-6fdy

vulnerability_id

VCID-u6u8-qjr6-6fdy

summary

If a MIME email combines OpenPGP and OpenPGP MIME data in a certain way Thunderbird repeatedly attempts to process and display the message, which could cause Thunderbird's user interface to lock up and no longer respond to the user's actions. An attacker could send a crafted message with this structure to attempt a DoS attack. This vulnerability affects Thunderbird < 102.8.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0616.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0616.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-0616

reference_id

reference_type

scores

value	0.00352
scoring_system	epss
scoring_elements	0.58111
published_at	2026-06-14T12:55:00Z

value	0.00352
scoring_system	epss
scoring_elements	0.57994
published_at	2026-06-11T12:55:00Z

value	0.00352
scoring_system	epss
scoring_elements	0.58107
published_at	2026-06-12T12:55:00Z

value	0.00352
scoring_system	epss
scoring_elements	0.58123
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-0616

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2171397
reference_id	2171397
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2171397

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-07

reference_id

mfsa2023-07

reference_type

scores

value	low
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-07

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-07/

reference_id

mfsa2023-07

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T18:18:39Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-07/

reference_url	https://access.redhat.com/errata/RHSA-2023:0817
reference_id	RHSA-2023:0817
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0817

reference_url	https://access.redhat.com/errata/RHSA-2023:0818
reference_id	RHSA-2023:0818
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0818

reference_url	https://access.redhat.com/errata/RHSA-2023:0819
reference_id	RHSA-2023:0819
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0819

reference_url	https://access.redhat.com/errata/RHSA-2023:0820
reference_id	RHSA-2023:0820
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0820

reference_url	https://access.redhat.com/errata/RHSA-2023:0821
reference_id	RHSA-2023:0821
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0821

reference_url	https://access.redhat.com/errata/RHSA-2023:0822
reference_id	RHSA-2023:0822
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0822

reference_url	https://access.redhat.com/errata/RHSA-2023:0823
reference_id	RHSA-2023:0823
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0823

reference_url	https://access.redhat.com/errata/RHSA-2023:0824
reference_id	RHSA-2023:0824
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0824

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1806507

reference_id

show_bug.cgi?id=1806507

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T18:18:39Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1806507

reference_url	https://usn.ubuntu.com/5943-1/
reference_id	USN-5943-1
reference_type
scores
url	https://usn.ubuntu.com/5943-1/

fixed_packages

aliases

CVE-2023-0616

risk_score

3.0

exploitability

0.5

weighted_severity

5.9

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-u6u8-qjr6-6fdy

url

VCID-xwzt-tr6t-zba9

vulnerability_id

VCID-xwzt-tr6t-zba9

summary

A background script invoking <code>requestFullscreen</code> and then blocking the main thread could force the browser into fullscreen mode indefinitely, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25730.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25730.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-25730

reference_id

reference_type

scores

value	0.00106
scoring_system	epss
scoring_elements	0.28557
published_at	2026-06-14T12:55:00Z

value	0.00106
scoring_system	epss
scoring_elements	0.28345
published_at	2026-06-11T12:55:00Z

value	0.00106
scoring_system	epss
scoring_elements	0.28542
published_at	2026-06-12T12:55:00Z

value	0.00106
scoring_system	epss
scoring_elements	0.28567
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-25730

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2170375
reference_id	2170375
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2170375

reference_url	https://security.gentoo.org/glsa/202305-35
reference_id	GLSA-202305-35
reference_type
scores
url	https://security.gentoo.org/glsa/202305-35

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-05

reference_id

mfsa2023-05

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-05

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-05/

reference_id

mfsa2023-05

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T17:32:33Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-05/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-06

reference_id

mfsa2023-06

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-06

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-06/

reference_id

mfsa2023-06

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T17:32:33Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-06/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-07

reference_id

mfsa2023-07

reference_type

scores

value	low
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-07

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-07/

reference_id

mfsa2023-07

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T17:32:33Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-07/

reference_url	https://access.redhat.com/errata/RHSA-2023:0805
reference_id	RHSA-2023:0805
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0805

reference_url	https://access.redhat.com/errata/RHSA-2023:0806
reference_id	RHSA-2023:0806
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0806

reference_url	https://access.redhat.com/errata/RHSA-2023:0807
reference_id	RHSA-2023:0807
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0807

reference_url	https://access.redhat.com/errata/RHSA-2023:0808
reference_id	RHSA-2023:0808
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0808

reference_url	https://access.redhat.com/errata/RHSA-2023:0809
reference_id	RHSA-2023:0809
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0809

reference_url	https://access.redhat.com/errata/RHSA-2023:0810
reference_id	RHSA-2023:0810
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0810

reference_url	https://access.redhat.com/errata/RHSA-2023:0811
reference_id	RHSA-2023:0811
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0811

reference_url	https://access.redhat.com/errata/RHSA-2023:0812
reference_id	RHSA-2023:0812
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0812

reference_url	https://access.redhat.com/errata/RHSA-2023:0817
reference_id	RHSA-2023:0817
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0817

reference_url	https://access.redhat.com/errata/RHSA-2023:0818
reference_id	RHSA-2023:0818
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0818

reference_url	https://access.redhat.com/errata/RHSA-2023:0819
reference_id	RHSA-2023:0819
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0819

reference_url	https://access.redhat.com/errata/RHSA-2023:0820
reference_id	RHSA-2023:0820
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0820

reference_url	https://access.redhat.com/errata/RHSA-2023:0821
reference_id	RHSA-2023:0821
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0821

reference_url	https://access.redhat.com/errata/RHSA-2023:0822
reference_id	RHSA-2023:0822
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0822

reference_url	https://access.redhat.com/errata/RHSA-2023:0823
reference_id	RHSA-2023:0823
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0823

reference_url	https://access.redhat.com/errata/RHSA-2023:0824
reference_id	RHSA-2023:0824
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0824

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1794622

reference_id

show_bug.cgi?id=1794622

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T17:32:33Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1794622

reference_url	https://usn.ubuntu.com/5880-1/
reference_id	USN-5880-1
reference_type
scores
url	https://usn.ubuntu.com/5880-1/

reference_url	https://usn.ubuntu.com/5943-1/
reference_id	USN-5943-1
reference_type
scores
url	https://usn.ubuntu.com/5943-1/

fixed_packages

aliases

CVE-2023-25730

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-xwzt-tr6t-zba9

Fixing_vulnerabilities

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/thunderbird@102.8.0-2%3Farch=el9_1

Package Instance