{"url":"http://public2.vulnerablecode.io/api/packages/388646?format=json","purl":"pkg:apk/alpine/firefox-esr@115.2.0-r0?arch=x86_64&distroversion=v3.20&reponame=community","type":"apk","namespace":"alpine","name":"firefox-esr","version":"115.2.0-r0","qualifiers":{"arch":"x86_64","distroversion":"v3.20","reponame":"community"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"115.2.1-r0","latest_non_vulnerable_version":"115.17.0-r0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51404?format=json","vulnerability_id":"VCID-19r2-4svk-uydr","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4578.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4578.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4578","reference_id":"","reference_type":"","scores":[{"value":"0.0011","scoring_system":"epss","scoring_elements":"0.29121","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0011","scoring_system":"epss","scoring_elements":"0.29238","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0011","scoring_system":"epss","scoring_elements":"0.2901","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0011","scoring_system":"epss","scoring_elements":"0.28937","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35793","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35882","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35742","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35815","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35823","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35783","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.3576","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.358","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35789","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35912","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4578"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236077","reference_id":"2236077","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236077"},{"reference_url":"https://security.gentoo.org/glsa/202402-25","reference_id":"GLSA-202402-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-34","reference_id":"mfsa2023-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-34/","reference_id":"mfsa2023-34","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:02:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-34/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-36/","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:02:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-36/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-38/","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:02:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-38/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4945","reference_id":"RHSA-2023:4945","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4945"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4946","reference_id":"RHSA-2023:4946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4947","reference_id":"RHSA-2023:4947","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4947"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4948","reference_id":"RHSA-2023:4948","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4948"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4949","reference_id":"RHSA-2023:4949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4949"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4950","reference_id":"RHSA-2023:4950","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4951","reference_id":"RHSA-2023:4951","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4951"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4952","reference_id":"RHSA-2023:4952","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4952"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4954","reference_id":"RHSA-2023:4954","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4954"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4955","reference_id":"RHSA-2023:4955","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4955"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4956","reference_id":"RHSA-2023:4956","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4956"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4957","reference_id":"RHSA-2023:4957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4957"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4958","reference_id":"RHSA-2023:4958","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4959","reference_id":"RHSA-2023:4959","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4959"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5019","reference_id":"RHSA-2023:5019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5019"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1839007","reference_id":"show_bug.cgi?id=1839007","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:02:09Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1839007"},{"reference_url":"https://usn.ubuntu.com/6320-1/","reference_id":"USN-6320-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6320-1/"},{"reference_url":"https://usn.ubuntu.com/6405-1/","reference_id":"USN-6405-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6405-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/388646?format=json","purl":"pkg:apk/alpine/firefox-esr@115.2.0-r0?arch=x86_64&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@115.2.0-r0%3Farch=x86_64&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2023-4578"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-19r2-4svk-uydr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51410?format=json","vulnerability_id":"VCID-6s88-vfr8-u3hj","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4585.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4585.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4585","reference_id":"","reference_type":"","scores":[{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.41078","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.41107","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.41082","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.41065","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.41081","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.41115","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.41096","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.41089","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.41113","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.4104","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42242","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42393","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42329","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42326","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4585"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236086","reference_id":"2236086","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236086"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1751583%2C1841082%2C1847904%2C1848999","reference_id":"buglist.cgi?bug_id=1751583%2C1841082%2C1847904%2C1848999","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T19:08:38Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1751583%2C1841082%2C1847904%2C1848999"},{"reference_url":"https://security.gentoo.org/glsa/202402-25","reference_id":"GLSA-202402-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-34","reference_id":"mfsa2023-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-34/","reference_id":"mfsa2023-34","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T19:08:38Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-34/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-36/","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T19:08:38Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-36/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-38/","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T19:08:38Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-38/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4945","reference_id":"RHSA-2023:4945","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4945"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4946","reference_id":"RHSA-2023:4946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4947","reference_id":"RHSA-2023:4947","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4947"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4948","reference_id":"RHSA-2023:4948","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4948"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4949","reference_id":"RHSA-2023:4949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4949"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4950","reference_id":"RHSA-2023:4950","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4951","reference_id":"RHSA-2023:4951","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4951"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4952","reference_id":"RHSA-2023:4952","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4952"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4954","reference_id":"RHSA-2023:4954","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4954"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4955","reference_id":"RHSA-2023:4955","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4955"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4956","reference_id":"RHSA-2023:4956","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4956"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4957","reference_id":"RHSA-2023:4957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4957"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4958","reference_id":"RHSA-2023:4958","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4959","reference_id":"RHSA-2023:4959","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4959"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5019","reference_id":"RHSA-2023:5019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5019"},{"reference_url":"https://usn.ubuntu.com/6320-1/","reference_id":"USN-6320-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6320-1/"},{"reference_url":"https://usn.ubuntu.com/6405-1/","reference_id":"USN-6405-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6405-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/388646?format=json","purl":"pkg:apk/alpine/firefox-esr@115.2.0-r0?arch=x86_64&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@115.2.0-r0%3Farch=x86_64&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2023-4585"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6s88-vfr8-u3hj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51399?format=json","vulnerability_id":"VCID-75sb-xb3r-3fa8","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4573.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4573.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4573","reference_id":"","reference_type":"","scores":[{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33212","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33293","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33312","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33472","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40804","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40777","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40729","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40779","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40787","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40805","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40771","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40752","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40796","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40765","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4573"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4573","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4573"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4574","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4574"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4575","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4575"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4581","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4581"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4584","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4584"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236071","reference_id":"2236071","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236071"},{"reference_url":"https://security.gentoo.org/glsa/202402-25","reference_id":"GLSA-202402-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-34","reference_id":"mfsa2023-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-34/","reference_id":"mfsa2023-34","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:08:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-34/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-35","reference_id":"mfsa2023-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-35"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-35/","reference_id":"mfsa2023-35","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:08:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-35/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-36/","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:08:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-36/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-37","reference_id":"mfsa2023-37","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-37"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-37/","reference_id":"mfsa2023-37","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:08:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-37/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-38/","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:08:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-38/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4945","reference_id":"RHSA-2023:4945","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4945"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4946","reference_id":"RHSA-2023:4946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4947","reference_id":"RHSA-2023:4947","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4947"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4948","reference_id":"RHSA-2023:4948","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4948"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4949","reference_id":"RHSA-2023:4949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4949"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4950","reference_id":"RHSA-2023:4950","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4951","reference_id":"RHSA-2023:4951","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4951"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4952","reference_id":"RHSA-2023:4952","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4952"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4954","reference_id":"RHSA-2023:4954","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4954"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4955","reference_id":"RHSA-2023:4955","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4955"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4956","reference_id":"RHSA-2023:4956","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4956"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4957","reference_id":"RHSA-2023:4957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4957"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4958","reference_id":"RHSA-2023:4958","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4959","reference_id":"RHSA-2023:4959","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4959"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5019","reference_id":"RHSA-2023:5019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5019"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1846687","reference_id":"show_bug.cgi?id=1846687","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:08:18Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1846687"},{"reference_url":"https://usn.ubuntu.com/6320-1/","reference_id":"USN-6320-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6320-1/"},{"reference_url":"https://usn.ubuntu.com/6368-1/","reference_id":"USN-6368-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6368-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/388646?format=json","purl":"pkg:apk/alpine/firefox-esr@115.2.0-r0?arch=x86_64&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@115.2.0-r0%3Farch=x86_64&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2023-4573"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-75sb-xb3r-3fa8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51405?format=json","vulnerability_id":"VCID-9dpt-xfu6-cuh5","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4580.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4580.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4580","reference_id":"","reference_type":"","scores":[{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21039","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21165","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21043","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21011","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.23989","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24104","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.23923","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24036","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24053","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24011","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.23954","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.23964","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.23952","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24142","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4580"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236079","reference_id":"2236079","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236079"},{"reference_url":"https://security.gentoo.org/glsa/202402-25","reference_id":"GLSA-202402-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-34","reference_id":"mfsa2023-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-34/","reference_id":"mfsa2023-34","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:01:48Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-34/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-36/","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:01:48Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-36/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-38/","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:01:48Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-38/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4945","reference_id":"RHSA-2023:4945","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4945"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4946","reference_id":"RHSA-2023:4946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4947","reference_id":"RHSA-2023:4947","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4947"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4948","reference_id":"RHSA-2023:4948","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4948"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4949","reference_id":"RHSA-2023:4949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4949"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4950","reference_id":"RHSA-2023:4950","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4951","reference_id":"RHSA-2023:4951","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4951"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4952","reference_id":"RHSA-2023:4952","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4952"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4954","reference_id":"RHSA-2023:4954","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4954"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4955","reference_id":"RHSA-2023:4955","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4955"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4956","reference_id":"RHSA-2023:4956","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4956"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4957","reference_id":"RHSA-2023:4957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4957"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4958","reference_id":"RHSA-2023:4958","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4959","reference_id":"RHSA-2023:4959","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4959"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5019","reference_id":"RHSA-2023:5019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5019"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1843046","reference_id":"show_bug.cgi?id=1843046","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:01:48Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1843046"},{"reference_url":"https://usn.ubuntu.com/6320-1/","reference_id":"USN-6320-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6320-1/"},{"reference_url":"https://usn.ubuntu.com/6405-1/","reference_id":"USN-6405-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6405-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/388646?format=json","purl":"pkg:apk/alpine/firefox-esr@115.2.0-r0?arch=x86_64&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@115.2.0-r0%3Farch=x86_64&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2023-4580"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9dpt-xfu6-cuh5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51401?format=json","vulnerability_id":"VCID-bapg-hzuc-ykby","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4575.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4575.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4575","reference_id":"","reference_type":"","scores":[{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33212","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33293","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33312","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33472","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40804","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40777","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40729","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40779","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40787","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40805","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40771","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40752","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40796","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40765","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4575"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4573","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4573"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4574","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4574"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4575","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4575"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4581","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4581"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4584","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4584"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236073","reference_id":"2236073","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236073"},{"reference_url":"https://security.gentoo.org/glsa/202402-25","reference_id":"GLSA-202402-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-34","reference_id":"mfsa2023-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-34/","reference_id":"mfsa2023-34","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:05:40Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-34/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-35","reference_id":"mfsa2023-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-35"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-35/","reference_id":"mfsa2023-35","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:05:40Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-35/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-36/","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:05:40Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-36/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-37","reference_id":"mfsa2023-37","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-37"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-37/","reference_id":"mfsa2023-37","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:05:40Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-37/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-38/","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:05:40Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-38/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4945","reference_id":"RHSA-2023:4945","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4945"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4946","reference_id":"RHSA-2023:4946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4947","reference_id":"RHSA-2023:4947","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4947"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4948","reference_id":"RHSA-2023:4948","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4948"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4949","reference_id":"RHSA-2023:4949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4949"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4950","reference_id":"RHSA-2023:4950","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4951","reference_id":"RHSA-2023:4951","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4951"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4952","reference_id":"RHSA-2023:4952","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4952"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4954","reference_id":"RHSA-2023:4954","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4954"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4955","reference_id":"RHSA-2023:4955","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4955"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4956","reference_id":"RHSA-2023:4956","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4956"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4957","reference_id":"RHSA-2023:4957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4957"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4958","reference_id":"RHSA-2023:4958","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4959","reference_id":"RHSA-2023:4959","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4959"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5019","reference_id":"RHSA-2023:5019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5019"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1846689","reference_id":"show_bug.cgi?id=1846689","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:05:40Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1846689"},{"reference_url":"https://usn.ubuntu.com/6320-1/","reference_id":"USN-6320-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6320-1/"},{"reference_url":"https://usn.ubuntu.com/6368-1/","reference_id":"USN-6368-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6368-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/388646?format=json","purl":"pkg:apk/alpine/firefox-esr@115.2.0-r0?arch=x86_64&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@115.2.0-r0%3Farch=x86_64&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2023-4575"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bapg-hzuc-ykby"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51402?format=json","vulnerability_id":"VCID-cfqv-7r6b-g3e9","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4576.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4576.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4576","reference_id":"","reference_type":"","scores":[{"value":"0.00325","scoring_system":"epss","scoring_elements":"0.55538","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00325","scoring_system":"epss","scoring_elements":"0.55561","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00325","scoring_system":"epss","scoring_elements":"0.55521","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00325","scoring_system":"epss","scoring_elements":"0.55549","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00325","scoring_system":"epss","scoring_elements":"0.55559","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00325","scoring_system":"epss","scoring_elements":"0.55558","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00325","scoring_system":"epss","scoring_elements":"0.55497","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00325","scoring_system":"epss","scoring_elements":"0.55457","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00325","scoring_system":"epss","scoring_elements":"0.55483","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00325","scoring_system":"epss","scoring_elements":"0.55463","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00325","scoring_system":"epss","scoring_elements":"0.55539","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4576"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236074","reference_id":"2236074","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236074"},{"reference_url":"https://security.gentoo.org/glsa/202402-25","reference_id":"GLSA-202402-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-34","reference_id":"mfsa2023-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-34/","reference_id":"mfsa2023-34","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:57:46Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-34/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-35","reference_id":"mfsa2023-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-35"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-35/","reference_id":"mfsa2023-35","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:57:46Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-35/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-36/","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:57:46Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-36/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-37","reference_id":"mfsa2023-37","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-37"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-37/","reference_id":"mfsa2023-37","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:57:46Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-37/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-38/","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:57:46Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-38/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1846694","reference_id":"show_bug.cgi?id=1846694","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:57:46Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1846694"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/388646?format=json","purl":"pkg:apk/alpine/firefox-esr@115.2.0-r0?arch=x86_64&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@115.2.0-r0%3Farch=x86_64&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2023-4576"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cfqv-7r6b-g3e9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51400?format=json","vulnerability_id":"VCID-cj16-a2tv-cqd7","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4574.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4574.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4574","reference_id":"","reference_type":"","scores":[{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33212","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33293","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33312","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33472","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34888","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34861","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34766","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.3481","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34839","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34844","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34806","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34782","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34819","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34803","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4574"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4573","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4573"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4574","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4574"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4575","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4575"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4581","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4581"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4584","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4584"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236072","reference_id":"2236072","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236072"},{"reference_url":"https://security.gentoo.org/glsa/202402-25","reference_id":"GLSA-202402-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-34","reference_id":"mfsa2023-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-34/","reference_id":"mfsa2023-34","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:07:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-34/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-35","reference_id":"mfsa2023-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-35"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-35/","reference_id":"mfsa2023-35","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:07:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-35/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-36/","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:07:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-36/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-37","reference_id":"mfsa2023-37","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-37"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-37/","reference_id":"mfsa2023-37","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:07:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-37/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-38/","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:07:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-38/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4945","reference_id":"RHSA-2023:4945","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4945"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4946","reference_id":"RHSA-2023:4946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4947","reference_id":"RHSA-2023:4947","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4947"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4948","reference_id":"RHSA-2023:4948","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4948"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4949","reference_id":"RHSA-2023:4949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4949"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4950","reference_id":"RHSA-2023:4950","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4951","reference_id":"RHSA-2023:4951","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4951"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4952","reference_id":"RHSA-2023:4952","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4952"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4954","reference_id":"RHSA-2023:4954","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4954"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4955","reference_id":"RHSA-2023:4955","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4955"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4956","reference_id":"RHSA-2023:4956","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4956"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4957","reference_id":"RHSA-2023:4957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4957"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4958","reference_id":"RHSA-2023:4958","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4959","reference_id":"RHSA-2023:4959","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4959"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5019","reference_id":"RHSA-2023:5019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5019"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1846688","reference_id":"show_bug.cgi?id=1846688","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:07:09Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1846688"},{"reference_url":"https://usn.ubuntu.com/6320-1/","reference_id":"USN-6320-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6320-1/"},{"reference_url":"https://usn.ubuntu.com/6368-1/","reference_id":"USN-6368-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6368-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/388646?format=json","purl":"pkg:apk/alpine/firefox-esr@115.2.0-r0?arch=x86_64&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@115.2.0-r0%3Farch=x86_64&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2023-4574"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cj16-a2tv-cqd7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51409?format=json","vulnerability_id":"VCID-j1yh-f1np-wbcv","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4584.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4584.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4584","reference_id":"","reference_type":"","scores":[{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.5101","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.51004","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50966","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50982","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50923","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50949","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50907","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50964","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.51003","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.50961","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00292","scoring_system":"epss","scoring_elements":"0.52541","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00292","scoring_system":"epss","scoring_elements":"0.52618","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00292","scoring_system":"epss","scoring_elements":"0.52568","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00292","scoring_system":"epss","scoring_elements":"0.52579","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4584"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4573","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4573"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4574","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4574"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4575","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4575"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4581","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4581"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4584","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4584"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236084","reference_id":"2236084","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236084"},{"reference_url":"https://security.gentoo.org/glsa/202402-25","reference_id":"GLSA-202402-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-34","reference_id":"mfsa2023-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-34"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-35","reference_id":"mfsa2023-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-35"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-37","reference_id":"mfsa2023-37","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-37"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4945","reference_id":"RHSA-2023:4945","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4945"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4946","reference_id":"RHSA-2023:4946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4947","reference_id":"RHSA-2023:4947","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4947"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4948","reference_id":"RHSA-2023:4948","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4948"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4949","reference_id":"RHSA-2023:4949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4949"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4950","reference_id":"RHSA-2023:4950","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4951","reference_id":"RHSA-2023:4951","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4951"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4952","reference_id":"RHSA-2023:4952","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4952"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4954","reference_id":"RHSA-2023:4954","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4954"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4955","reference_id":"RHSA-2023:4955","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4955"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4956","reference_id":"RHSA-2023:4956","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4956"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4957","reference_id":"RHSA-2023:4957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4957"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4958","reference_id":"RHSA-2023:4958","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4959","reference_id":"RHSA-2023:4959","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4959"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5019","reference_id":"RHSA-2023:5019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5019"},{"reference_url":"https://usn.ubuntu.com/6320-1/","reference_id":"USN-6320-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6320-1/"},{"reference_url":"https://usn.ubuntu.com/6368-1/","reference_id":"USN-6368-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6368-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/388646?format=json","purl":"pkg:apk/alpine/firefox-esr@115.2.0-r0?arch=x86_64&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@115.2.0-r0%3Farch=x86_64&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2023-4584"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j1yh-f1np-wbcv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51403?format=json","vulnerability_id":"VCID-pv9q-fcta-ffbq","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4577.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4577.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4577","reference_id":"","reference_type":"","scores":[{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.27644","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.2803","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.27973","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.27981","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.27963","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.27915","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.2783","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.27718","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.28118","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.28161","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.27958","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.28025","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.28067","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.28073","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4577"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236075","reference_id":"2236075","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236075"},{"reference_url":"https://security.gentoo.org/glsa/202402-25","reference_id":"GLSA-202402-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-34","reference_id":"mfsa2023-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-34/","reference_id":"mfsa2023-34","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:02:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-34/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-36/","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:02:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-36/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-38/","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:02:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-38/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4945","reference_id":"RHSA-2023:4945","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4945"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4946","reference_id":"RHSA-2023:4946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4947","reference_id":"RHSA-2023:4947","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4947"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4948","reference_id":"RHSA-2023:4948","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4948"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4949","reference_id":"RHSA-2023:4949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4949"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4950","reference_id":"RHSA-2023:4950","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4951","reference_id":"RHSA-2023:4951","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4951"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4952","reference_id":"RHSA-2023:4952","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4952"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4954","reference_id":"RHSA-2023:4954","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4954"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4955","reference_id":"RHSA-2023:4955","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4955"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4956","reference_id":"RHSA-2023:4956","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4956"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4957","reference_id":"RHSA-2023:4957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4957"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4958","reference_id":"RHSA-2023:4958","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4959","reference_id":"RHSA-2023:4959","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4959"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5019","reference_id":"RHSA-2023:5019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5019"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1847397","reference_id":"show_bug.cgi?id=1847397","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:02:33Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1847397"},{"reference_url":"https://usn.ubuntu.com/6320-1/","reference_id":"USN-6320-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6320-1/"},{"reference_url":"https://usn.ubuntu.com/6405-1/","reference_id":"USN-6405-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6405-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/388646?format=json","purl":"pkg:apk/alpine/firefox-esr@115.2.0-r0?arch=x86_64&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@115.2.0-r0%3Farch=x86_64&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2023-4577"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pv9q-fcta-ffbq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51406?format=json","vulnerability_id":"VCID-sfyj-m6xa-8bbc","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4581.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4581.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4581","reference_id":"","reference_type":"","scores":[{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36506","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36594","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36626","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36844","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.38196","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.38173","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.38066","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.38116","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.38124","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.38142","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.38106","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.38082","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.38128","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.38108","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4581"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4573","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4573"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4574","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4574"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4575","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4575"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4581","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4581"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4584","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4584"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236080","reference_id":"2236080","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236080"},{"reference_url":"https://security.gentoo.org/glsa/202402-25","reference_id":"GLSA-202402-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-34","reference_id":"mfsa2023-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-34/","reference_id":"mfsa2023-34","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T16:02:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-34/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-35","reference_id":"mfsa2023-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-35"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-35/","reference_id":"mfsa2023-35","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T16:02:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-35/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-36/","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T16:02:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-36/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-37","reference_id":"mfsa2023-37","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-37"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-37/","reference_id":"mfsa2023-37","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T16:02:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-37/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-38/","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T16:02:47Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-38/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4945","reference_id":"RHSA-2023:4945","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4945"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4946","reference_id":"RHSA-2023:4946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4947","reference_id":"RHSA-2023:4947","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4947"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4948","reference_id":"RHSA-2023:4948","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4948"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4949","reference_id":"RHSA-2023:4949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4949"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4950","reference_id":"RHSA-2023:4950","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4951","reference_id":"RHSA-2023:4951","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4951"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4952","reference_id":"RHSA-2023:4952","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4952"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4954","reference_id":"RHSA-2023:4954","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4954"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4955","reference_id":"RHSA-2023:4955","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4955"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4956","reference_id":"RHSA-2023:4956","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4956"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4957","reference_id":"RHSA-2023:4957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4957"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4958","reference_id":"RHSA-2023:4958","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4959","reference_id":"RHSA-2023:4959","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4959"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5019","reference_id":"RHSA-2023:5019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5019"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1843758","reference_id":"show_bug.cgi?id=1843758","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T16:02:47Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1843758"},{"reference_url":"https://usn.ubuntu.com/6320-1/","reference_id":"USN-6320-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6320-1/"},{"reference_url":"https://usn.ubuntu.com/6368-1/","reference_id":"USN-6368-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6368-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/388646?format=json","purl":"pkg:apk/alpine/firefox-esr@115.2.0-r0?arch=x86_64&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@115.2.0-r0%3Farch=x86_64&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2023-4581"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sfyj-m6xa-8bbc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51407?format=json","vulnerability_id":"VCID-snbc-j4e3-uff1","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4582.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4582.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4582","reference_id":"","reference_type":"","scores":[{"value":"0.00503","scoring_system":"epss","scoring_elements":"0.66159","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00503","scoring_system":"epss","scoring_elements":"0.6616","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00657","scoring_system":"epss","scoring_elements":"0.71103","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00718","scoring_system":"epss","scoring_elements":"0.72395","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00798","scoring_system":"epss","scoring_elements":"0.73995","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00798","scoring_system":"epss","scoring_elements":"0.73966","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00798","scoring_system":"epss","scoring_elements":"0.74","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00798","scoring_system":"epss","scoring_elements":"0.74014","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00798","scoring_system":"epss","scoring_elements":"0.74036","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00798","scoring_system":"epss","scoring_elements":"0.74018","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00798","scoring_system":"epss","scoring_elements":"0.74011","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00798","scoring_system":"epss","scoring_elements":"0.7405","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00798","scoring_system":"epss","scoring_elements":"0.74059","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00798","scoring_system":"epss","scoring_elements":"0.74051","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4582"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236081","reference_id":"2236081","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236081"},{"reference_url":"https://security.gentoo.org/glsa/202402-25","reference_id":"GLSA-202402-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-34","reference_id":"mfsa2023-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-34/","reference_id":"mfsa2023-34","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T20:00:26Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-34/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-36/","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T20:00:26Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-36/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-38/","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T20:00:26Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-38/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1773874","reference_id":"show_bug.cgi?id=1773874","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T20:00:26Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1773874"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/388646?format=json","purl":"pkg:apk/alpine/firefox-esr@115.2.0-r0?arch=x86_64&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@115.2.0-r0%3Farch=x86_64&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2023-4582"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-snbc-j4e3-uff1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51408?format=json","vulnerability_id":"VCID-tq43-rx5u-eybv","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4583.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4583.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4583","reference_id":"","reference_type":"","scores":[{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.3459","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34933","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34978","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35007","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35011","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34975","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34951","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.3499","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34974","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34931","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34701","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34682","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35026","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35053","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4583"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236082","reference_id":"2236082","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236082"},{"reference_url":"https://security.gentoo.org/glsa/202402-25","reference_id":"GLSA-202402-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-34","reference_id":"mfsa2023-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-34/","reference_id":"mfsa2023-34","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-19T19:09:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-34/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-36/","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-19T19:09:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-36/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-38/","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-19T19:09:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-38/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4945","reference_id":"RHSA-2023:4945","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4945"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4946","reference_id":"RHSA-2023:4946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4947","reference_id":"RHSA-2023:4947","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4947"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4948","reference_id":"RHSA-2023:4948","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4948"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4949","reference_id":"RHSA-2023:4949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4949"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4950","reference_id":"RHSA-2023:4950","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4951","reference_id":"RHSA-2023:4951","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4951"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4952","reference_id":"RHSA-2023:4952","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4952"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4954","reference_id":"RHSA-2023:4954","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4954"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4955","reference_id":"RHSA-2023:4955","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4955"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4956","reference_id":"RHSA-2023:4956","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4956"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4957","reference_id":"RHSA-2023:4957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4957"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4958","reference_id":"RHSA-2023:4958","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4959","reference_id":"RHSA-2023:4959","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4959"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5019","reference_id":"RHSA-2023:5019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5019"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1842030","reference_id":"show_bug.cgi?id=1842030","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-19T19:09:13Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1842030"},{"reference_url":"https://usn.ubuntu.com/6320-1/","reference_id":"USN-6320-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6320-1/"},{"reference_url":"https://usn.ubuntu.com/6405-1/","reference_id":"USN-6405-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6405-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/388646?format=json","purl":"pkg:apk/alpine/firefox-esr@115.2.0-r0?arch=x86_64&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@115.2.0-r0%3Farch=x86_64&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2023-4583"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tq43-rx5u-eybv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51392?format=json","vulnerability_id":"VCID-xrg1-azru-5qf1","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4051.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4051.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4051","reference_id":"","reference_type":"","scores":[{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34193","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34205","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34269","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34172","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34196","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34236","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34207","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34165","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34301","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00157","scoring_system":"epss","scoring_elements":"0.36115","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00157","scoring_system":"epss","scoring_elements":"0.3646","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00157","scoring_system":"epss","scoring_elements":"0.36232","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00157","scoring_system":"epss","scoring_elements":"0.36202","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4051"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236076","reference_id":"2236076","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236076"},{"reference_url":"https://security.gentoo.org/glsa/202402-25","reference_id":"GLSA-202402-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-29","reference_id":"mfsa2023-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-29"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-29/","reference_id":"mfsa2023-29","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:40:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-29/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-36/","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:40:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-36/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-38/","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:40:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-38/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4945","reference_id":"RHSA-2023:4945","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4945"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4946","reference_id":"RHSA-2023:4946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4947","reference_id":"RHSA-2023:4947","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4947"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4948","reference_id":"RHSA-2023:4948","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4948"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4949","reference_id":"RHSA-2023:4949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4949"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4950","reference_id":"RHSA-2023:4950","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4951","reference_id":"RHSA-2023:4951","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4951"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4952","reference_id":"RHSA-2023:4952","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4952"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4954","reference_id":"RHSA-2023:4954","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4954"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4955","reference_id":"RHSA-2023:4955","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4955"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4956","reference_id":"RHSA-2023:4956","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4956"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4957","reference_id":"RHSA-2023:4957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4957"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4958","reference_id":"RHSA-2023:4958","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4959","reference_id":"RHSA-2023:4959","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4959"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5019","reference_id":"RHSA-2023:5019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5019"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1821884","reference_id":"show_bug.cgi?id=1821884","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:40:45Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1821884"},{"reference_url":"https://usn.ubuntu.com/6267-1/","reference_id":"USN-6267-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6267-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/388646?format=json","purl":"pkg:apk/alpine/firefox-esr@115.2.0-r0?arch=x86_64&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@115.2.0-r0%3Farch=x86_64&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2023-4051"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xrg1-azru-5qf1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51394?format=json","vulnerability_id":"VCID-ygrd-4scr-wkau","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4053.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4053.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4053","reference_id":"","reference_type":"","scores":[{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.3446","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.3485","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34826","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34865","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34849","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34805","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34567","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34547","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34904","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34931","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.3481","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34855","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34884","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34887","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4053"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236078","reference_id":"2236078","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236078"},{"reference_url":"https://security.gentoo.org/glsa/202402-25","reference_id":"GLSA-202402-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-29","reference_id":"mfsa2023-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-29"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-29/","reference_id":"mfsa2023-29","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:37:53Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-29/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-36/","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:37:53Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-36/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-38/","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:37:53Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-38/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4945","reference_id":"RHSA-2023:4945","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4945"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4946","reference_id":"RHSA-2023:4946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4947","reference_id":"RHSA-2023:4947","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4947"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4948","reference_id":"RHSA-2023:4948","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4948"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4949","reference_id":"RHSA-2023:4949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4949"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4950","reference_id":"RHSA-2023:4950","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4951","reference_id":"RHSA-2023:4951","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4951"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4952","reference_id":"RHSA-2023:4952","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4952"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4954","reference_id":"RHSA-2023:4954","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4954"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4955","reference_id":"RHSA-2023:4955","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4955"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4956","reference_id":"RHSA-2023:4956","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4956"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4957","reference_id":"RHSA-2023:4957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4957"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4958","reference_id":"RHSA-2023:4958","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4959","reference_id":"RHSA-2023:4959","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4959"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5019","reference_id":"RHSA-2023:5019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5019"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1839079","reference_id":"show_bug.cgi?id=1839079","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:37:53Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1839079"},{"reference_url":"https://usn.ubuntu.com/6267-1/","reference_id":"USN-6267-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6267-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/388646?format=json","purl":"pkg:apk/alpine/firefox-esr@115.2.0-r0?arch=x86_64&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@115.2.0-r0%3Farch=x86_64&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2023-4053"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ygrd-4scr-wkau"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@115.2.0-r0%3Farch=x86_64&distroversion=v3.20&reponame=community"}