{"url":"http://public2.vulnerablecode.io/api/packages/412203?format=json","purl":"pkg:apk/alpine/firefox-esr@102.10.0-r0?arch=ppc64le&distroversion=v3.20&reponame=community","type":"apk","namespace":"alpine","name":"firefox-esr","version":"102.10.0-r0","qualifiers":{"arch":"ppc64le","distroversion":"v3.20","reponame":"community"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"102.11.0-r0","latest_non_vulnerable_version":"115.17.0-r0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63093?format=json","vulnerability_id":"VCID-2a5d-8cac-mkft","summary":"A newline in a filename could have been used to bypass the file extension security mechanisms that replace malicious file extensions such as .lnk  with .download. This could have led to accidental execution of malicious code.*This bug only affects Firefox on Windows. Other versions of Firefox are unaffected.*","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29542.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29542.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-29542","reference_id":"","reference_type":"","scores":[{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.29076","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.29026","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28999","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28995","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28953","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28885","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31898","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31864","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-29542"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2186107","reference_id":"2186107","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2186107"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-13","reference_id":"mfsa2023-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-13/","reference_id":"mfsa2023-13","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-11T15:45:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-14","reference_id":"mfsa2023-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-14/","reference_id":"mfsa2023-14","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-11T15:45:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-15","reference_id":"mfsa2023-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-15/","reference_id":"mfsa2023-15","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-11T15:45:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-15/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1810793","reference_id":"show_bug.cgi?id=1810793","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-11T15:45:52Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1810793"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1815062","reference_id":"show_bug.cgi?id=1815062","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-11T15:45:52Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1815062"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/412203?format=json","purl":"pkg:apk/alpine/firefox-esr@102.10.0-r0?arch=ppc64le&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@102.10.0-r0%3Farch=ppc64le&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2023-29542"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2a5d-8cac-mkft"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/18044?format=json","vulnerability_id":"VCID-5hzf-gdbj-8ud8","summary":"Double Free\nThere exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1999.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1999.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-1999","reference_id":"","reference_type":"","scores":[{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59206","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59224","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59209","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59222","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59194","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59158","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.5917","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59242","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-1999"},{"reference_url":"https://chromium.googlesource.com/webm/libwebp","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:14:09Z/"}],"url":"https://chromium.googlesource.com/webm/libwebp"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035371","reference_id":"1035371","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035371"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2186102","reference_id":"2186102","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2186102"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-1999","reference_id":"CVE-2023-1999","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-1999"},{"reference_url":"https://security.gentoo.org/glsa/202305-35","reference_id":"GLSA-202305-35","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-35"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-13","reference_id":"mfsa2023-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-14","reference_id":"mfsa2023-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-15","reference_id":"mfsa2023-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1785","reference_id":"RHSA-2023:1785","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1785"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1786","reference_id":"RHSA-2023:1786","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1786"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1787","reference_id":"RHSA-2023:1787","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1787"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1788","reference_id":"RHSA-2023:1788","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1788"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1789","reference_id":"RHSA-2023:1789","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1789"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1790","reference_id":"RHSA-2023:1790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1791","reference_id":"RHSA-2023:1791","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1791"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1792","reference_id":"RHSA-2023:1792","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1792"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1802","reference_id":"RHSA-2023:1802","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1802"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1803","reference_id":"RHSA-2023:1803","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1803"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1804","reference_id":"RHSA-2023:1804","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1804"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1805","reference_id":"RHSA-2023:1805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1805"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1806","reference_id":"RHSA-2023:1806","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1806"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1809","reference_id":"RHSA-2023:1809","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1809"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1810","reference_id":"RHSA-2023:1810","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1810"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1811","reference_id":"RHSA-2023:1811","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1811"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2072","reference_id":"RHSA-2023:2072","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2072"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2073","reference_id":"RHSA-2023:2073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2075","reference_id":"RHSA-2023:2075","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2075"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2076","reference_id":"RHSA-2023:2076","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2076"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2077","reference_id":"RHSA-2023:2077","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2077"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2078","reference_id":"RHSA-2023:2078","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2078"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2084","reference_id":"RHSA-2023:2084","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2084"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2085","reference_id":"RHSA-2023:2085","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2085"},{"reference_url":"https://usn.ubuntu.com/6078-1/","reference_id":"USN-6078-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6078-1/"},{"reference_url":"https://usn.ubuntu.com/6078-2/","reference_id":"USN-6078-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6078-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/412203?format=json","purl":"pkg:apk/alpine/firefox-esr@102.10.0-r0?arch=ppc64le&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@102.10.0-r0%3Farch=ppc64le&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2023-1999"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5hzf-gdbj-8ud8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/33939?format=json","vulnerability_id":"VCID-73wu-d7y3-7bge","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1945.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1945.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-1945","reference_id":"","reference_type":"","scores":[{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33868","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33892","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33976","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33934","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33936","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33904","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.34007","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33861","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-1945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2186109","reference_id":"2186109","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2186109"},{"reference_url":"https://security.gentoo.org/glsa/202305-35","reference_id":"GLSA-202305-35","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-35"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-14","reference_id":"mfsa2023-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-14/","reference_id":"mfsa2023-14","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:55:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-15","reference_id":"mfsa2023-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-15/","reference_id":"mfsa2023-15","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:55:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-15/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1785","reference_id":"RHSA-2023:1785","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1785"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1786","reference_id":"RHSA-2023:1786","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1786"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1787","reference_id":"RHSA-2023:1787","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1787"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1788","reference_id":"RHSA-2023:1788","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1788"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1789","reference_id":"RHSA-2023:1789","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1789"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1790","reference_id":"RHSA-2023:1790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1791","reference_id":"RHSA-2023:1791","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1791"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1792","reference_id":"RHSA-2023:1792","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1792"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1802","reference_id":"RHSA-2023:1802","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1802"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1803","reference_id":"RHSA-2023:1803","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1803"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1804","reference_id":"RHSA-2023:1804","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1804"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1805","reference_id":"RHSA-2023:1805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1805"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1806","reference_id":"RHSA-2023:1806","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1806"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1809","reference_id":"RHSA-2023:1809","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1809"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1810","reference_id":"RHSA-2023:1810","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1810"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1811","reference_id":"RHSA-2023:1811","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1811"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1777588","reference_id":"show_bug.cgi?id=1777588","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:55:03Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1777588"},{"reference_url":"https://usn.ubuntu.com/6015-1/","reference_id":"USN-6015-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6015-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/412203?format=json","purl":"pkg:apk/alpine/firefox-esr@102.10.0-r0?arch=ppc64le&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@102.10.0-r0%3Farch=ppc64le&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2023-1945"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-73wu-d7y3-7bge"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/33975?format=json","vulnerability_id":"VCID-7b8k-mgs3-cud5","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29550.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29550.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-29550","reference_id":"","reference_type":"","scores":[{"value":"0.0019","scoring_system":"epss","scoring_elements":"0.40853","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0019","scoring_system":"epss","scoring_elements":"0.40872","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0019","scoring_system":"epss","scoring_elements":"0.4088","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0019","scoring_system":"epss","scoring_elements":"0.40907","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0019","scoring_system":"epss","scoring_elements":"0.40891","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0019","scoring_system":"epss","scoring_elements":"0.40884","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0019","scoring_system":"epss","scoring_elements":"0.40908","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0019","scoring_system":"epss","scoring_elements":"0.40835","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-29550"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2186111","reference_id":"2186111","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2186111"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1720594%2C1812498%2C1814217%2C1818357%2C1751945%2C1818762%2C1819493%2C1820389%2C1820602%2C1821448%2C1822413%2C1824828","reference_id":"buglist.cgi?bug_id=1720594%2C1812498%2C1814217%2C1818357%2C1751945%2C1818762%2C1819493%2C1820389%2C1820602%2C1821448%2C1822413%2C1824828","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-10T19:20:01Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1720594%2C1812498%2C1814217%2C1818357%2C1751945%2C1818762%2C1819493%2C1820389%2C1820602%2C1821448%2C1822413%2C1824828"},{"reference_url":"https://security.gentoo.org/glsa/202305-35","reference_id":"GLSA-202305-35","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-35"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-13","reference_id":"mfsa2023-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-13/","reference_id":"mfsa2023-13","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-10T19:20:01Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-14","reference_id":"mfsa2023-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-14/","reference_id":"mfsa2023-14","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-10T19:20:01Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-15","reference_id":"mfsa2023-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-15/","reference_id":"mfsa2023-15","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-10T19:20:01Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-15/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1785","reference_id":"RHSA-2023:1785","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1785"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1786","reference_id":"RHSA-2023:1786","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1786"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1787","reference_id":"RHSA-2023:1787","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1787"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1788","reference_id":"RHSA-2023:1788","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1788"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1789","reference_id":"RHSA-2023:1789","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1789"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1790","reference_id":"RHSA-2023:1790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1791","reference_id":"RHSA-2023:1791","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1791"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1792","reference_id":"RHSA-2023:1792","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1792"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1802","reference_id":"RHSA-2023:1802","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1802"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1803","reference_id":"RHSA-2023:1803","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1803"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1804","reference_id":"RHSA-2023:1804","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1804"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1805","reference_id":"RHSA-2023:1805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1805"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1806","reference_id":"RHSA-2023:1806","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1806"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1809","reference_id":"RHSA-2023:1809","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1809"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1810","reference_id":"RHSA-2023:1810","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1810"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1811","reference_id":"RHSA-2023:1811","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1811"},{"reference_url":"https://usn.ubuntu.com/6010-1/","reference_id":"USN-6010-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6010-1/"},{"reference_url":"https://usn.ubuntu.com/6015-1/","reference_id":"USN-6015-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6015-1/"},{"reference_url":"https://usn.ubuntu.com/6120-1/","reference_id":"USN-6120-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6120-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/412203?format=json","purl":"pkg:apk/alpine/firefox-esr@102.10.0-r0?arch=ppc64le&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@102.10.0-r0%3Farch=ppc64le&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2023-29550"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7b8k-mgs3-cud5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/33974?format=json","vulnerability_id":"VCID-a8gt-y9j7-zuhs","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29548.json","reference_id":"","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29548.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-29548","reference_id":"","reference_type":"","scores":[{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33783","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33807","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.3389","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33849","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33851","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33817","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33922","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33775","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-29548"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2186110","reference_id":"2186110","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2186110"},{"reference_url":"https://security.gentoo.org/glsa/202305-35","reference_id":"GLSA-202305-35","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-35"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-13","reference_id":"mfsa2023-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-13/","reference_id":"mfsa2023-13","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T19:16:05Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-14","reference_id":"mfsa2023-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-14/","reference_id":"mfsa2023-14","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T19:16:05Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-15","reference_id":"mfsa2023-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-15/","reference_id":"mfsa2023-15","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T19:16:05Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-15/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1785","reference_id":"RHSA-2023:1785","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1785"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1786","reference_id":"RHSA-2023:1786","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1786"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1787","reference_id":"RHSA-2023:1787","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1787"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1788","reference_id":"RHSA-2023:1788","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1788"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1789","reference_id":"RHSA-2023:1789","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1789"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1790","reference_id":"RHSA-2023:1790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1791","reference_id":"RHSA-2023:1791","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1791"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1792","reference_id":"RHSA-2023:1792","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1792"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1802","reference_id":"RHSA-2023:1802","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1802"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1803","reference_id":"RHSA-2023:1803","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1803"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1804","reference_id":"RHSA-2023:1804","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1804"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1805","reference_id":"RHSA-2023:1805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1805"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1806","reference_id":"RHSA-2023:1806","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1806"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1809","reference_id":"RHSA-2023:1809","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1809"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1810","reference_id":"RHSA-2023:1810","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1810"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1811","reference_id":"RHSA-2023:1811","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1811"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1822754","reference_id":"show_bug.cgi?id=1822754","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T19:16:05Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1822754"},{"reference_url":"https://usn.ubuntu.com/6010-1/","reference_id":"USN-6010-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6010-1/"},{"reference_url":"https://usn.ubuntu.com/6015-1/","reference_id":"USN-6015-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6015-1/"},{"reference_url":"https://usn.ubuntu.com/6120-1/","reference_id":"USN-6120-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6120-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/412203?format=json","purl":"pkg:apk/alpine/firefox-esr@102.10.0-r0?arch=ppc64le&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@102.10.0-r0%3Farch=ppc64le&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2023-29548"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a8gt-y9j7-zuhs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/33972?format=json","vulnerability_id":"VCID-as8g-vnyj-u7hk","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29539.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29539.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-29539","reference_id":"","reference_type":"","scores":[{"value":"0.00209","scoring_system":"epss","scoring_elements":"0.43239","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00209","scoring_system":"epss","scoring_elements":"0.43291","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00209","scoring_system":"epss","scoring_elements":"0.43302","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00209","scoring_system":"epss","scoring_elements":"0.43273","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00209","scoring_system":"epss","scoring_elements":"0.43326","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00209","scoring_system":"epss","scoring_elements":"0.43305","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.4477","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.44772","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-29539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2186105","reference_id":"2186105","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2186105"},{"reference_url":"https://security.gentoo.org/glsa/202305-35","reference_id":"GLSA-202305-35","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-35"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-13","reference_id":"mfsa2023-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-13/","reference_id":"mfsa2023-13","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T15:43:44Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-14","reference_id":"mfsa2023-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-14/","reference_id":"mfsa2023-14","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T15:43:44Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-15","reference_id":"mfsa2023-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-15/","reference_id":"mfsa2023-15","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T15:43:44Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-15/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1785","reference_id":"RHSA-2023:1785","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1785"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1786","reference_id":"RHSA-2023:1786","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1786"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1787","reference_id":"RHSA-2023:1787","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1787"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1788","reference_id":"RHSA-2023:1788","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1788"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1789","reference_id":"RHSA-2023:1789","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1789"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1790","reference_id":"RHSA-2023:1790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1791","reference_id":"RHSA-2023:1791","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1791"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1792","reference_id":"RHSA-2023:1792","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1792"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1802","reference_id":"RHSA-2023:1802","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1802"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1803","reference_id":"RHSA-2023:1803","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1803"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1804","reference_id":"RHSA-2023:1804","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1804"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1805","reference_id":"RHSA-2023:1805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1805"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1806","reference_id":"RHSA-2023:1806","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1806"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1809","reference_id":"RHSA-2023:1809","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1809"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1810","reference_id":"RHSA-2023:1810","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1810"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1811","reference_id":"RHSA-2023:1811","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1811"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1784348","reference_id":"show_bug.cgi?id=1784348","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T15:43:44Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1784348"},{"reference_url":"https://usn.ubuntu.com/6010-1/","reference_id":"USN-6010-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6010-1/"},{"reference_url":"https://usn.ubuntu.com/6015-1/","reference_id":"USN-6015-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6015-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/412203?format=json","purl":"pkg:apk/alpine/firefox-esr@102.10.0-r0?arch=ppc64le&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@102.10.0-r0%3Farch=ppc64le&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2023-29539"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-as8g-vnyj-u7hk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/33973?format=json","vulnerability_id":"VCID-bc7q-srps-sfd7","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29541.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29541.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-29541","reference_id":"","reference_type":"","scores":[{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42057","published_at":"2026-04-13T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42082","published_at":"2026-04-12T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42068","published_at":"2026-04-02T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.4212","published_at":"2026-04-11T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42097","published_at":"2026-04-09T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42085","published_at":"2026-04-08T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42095","published_at":"2026-04-04T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42033","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-29541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2186106","reference_id":"2186106","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2186106"},{"reference_url":"https://security.gentoo.org/glsa/202305-35","reference_id":"GLSA-202305-35","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-35"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-13","reference_id":"mfsa2023-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-13/","reference_id":"mfsa2023-13","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T19:08:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-14","reference_id":"mfsa2023-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-14/","reference_id":"mfsa2023-14","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T19:08:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-15","reference_id":"mfsa2023-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-15/","reference_id":"mfsa2023-15","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T19:08:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-15/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1785","reference_id":"RHSA-2023:1785","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1785"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1786","reference_id":"RHSA-2023:1786","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1786"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1787","reference_id":"RHSA-2023:1787","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1787"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1788","reference_id":"RHSA-2023:1788","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1788"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1789","reference_id":"RHSA-2023:1789","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1789"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1790","reference_id":"RHSA-2023:1790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1791","reference_id":"RHSA-2023:1791","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1791"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1792","reference_id":"RHSA-2023:1792","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1792"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1802","reference_id":"RHSA-2023:1802","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1802"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1803","reference_id":"RHSA-2023:1803","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1803"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1804","reference_id":"RHSA-2023:1804","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1804"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1805","reference_id":"RHSA-2023:1805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1805"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1806","reference_id":"RHSA-2023:1806","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1806"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1809","reference_id":"RHSA-2023:1809","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1809"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1810","reference_id":"RHSA-2023:1810","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1810"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1811","reference_id":"RHSA-2023:1811","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1811"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1810191","reference_id":"show_bug.cgi?id=1810191","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T19:08:52Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1810191"},{"reference_url":"https://usn.ubuntu.com/6010-1/","reference_id":"USN-6010-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6010-1/"},{"reference_url":"https://usn.ubuntu.com/6015-1/","reference_id":"USN-6015-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6015-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/412203?format=json","purl":"pkg:apk/alpine/firefox-esr@102.10.0-r0?arch=ppc64le&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@102.10.0-r0%3Farch=ppc64le&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2023-29541"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bc7q-srps-sfd7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63090?format=json","vulnerability_id":"VCID-cmnc-fyxb-rfd4","summary":"An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash.*This bug only affects Firefox for macOS. Other operating systems are unaffected.*","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29531.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29531.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-29531","reference_id":"","reference_type":"","scores":[{"value":"0.00553","scoring_system":"epss","scoring_elements":"0.68034","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00553","scoring_system":"epss","scoring_elements":"0.68068","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00553","scoring_system":"epss","scoring_elements":"0.67996","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00553","scoring_system":"epss","scoring_elements":"0.68082","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00553","scoring_system":"epss","scoring_elements":"0.68059","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00553","scoring_system":"epss","scoring_elements":"0.68044","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00553","scoring_system":"epss","scoring_elements":"0.67993","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00553","scoring_system":"epss","scoring_elements":"0.68015","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-29531"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2186099","reference_id":"2186099","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2186099"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-13","reference_id":"mfsa2023-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-13/","reference_id":"mfsa2023-13","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-11T15:34:50Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-14","reference_id":"mfsa2023-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-14/","reference_id":"mfsa2023-14","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-11T15:34:50Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-15","reference_id":"mfsa2023-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-15/","reference_id":"mfsa2023-15","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-11T15:34:50Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-15/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1794292","reference_id":"show_bug.cgi?id=1794292","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-11T15:34:50Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1794292"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/412203?format=json","purl":"pkg:apk/alpine/firefox-esr@102.10.0-r0?arch=ppc64le&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@102.10.0-r0%3Farch=ppc64le&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2023-29531"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cmnc-fyxb-rfd4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63094?format=json","vulnerability_id":"VCID-ebhp-kzkz-euhu","summary":"Similar to CVE-2023-28163, this time when choosing 'Save Link As', suggested filenames containing environment variable names would have resolved those in the context of the current user. *This bug only affects Firefox on Windows. Other versions of Firefox are unaffected.*","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29545.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29545.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-29545","reference_id":"","reference_type":"","scores":[{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57024","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57048","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57007","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57029","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57056","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57006","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57069","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57058","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-29545"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2186108","reference_id":"2186108","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2186108"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-13","reference_id":"mfsa2023-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-13/","reference_id":"mfsa2023-13","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T15:48:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-14","reference_id":"mfsa2023-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-14/","reference_id":"mfsa2023-14","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T15:48:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-15","reference_id":"mfsa2023-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-15/","reference_id":"mfsa2023-15","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T15:48:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-15/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1823077","reference_id":"show_bug.cgi?id=1823077","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T15:48:18Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1823077"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/412203?format=json","purl":"pkg:apk/alpine/firefox-esr@102.10.0-r0?arch=ppc64le&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@102.10.0-r0%3Farch=ppc64le&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2023-29545"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ebhp-kzkz-euhu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63091?format=json","vulnerability_id":"VCID-f8c7-p8nz-bbap","summary":"A local attacker can trick the Mozilla Maintenance Service into applying an unsigned update file by pointing the service at an update file on a malicious SMB server. The update file can be replaced after the signature check, before the use, because the write-lock requested by the service does not work on a SMB server.*Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.*","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29532.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29532.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-29532","reference_id":"","reference_type":"","scores":[{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22685","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22627","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22611","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22557","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22475","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22642","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23508","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23453","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-29532"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2186100","reference_id":"2186100","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2186100"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-13","reference_id":"mfsa2023-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-13/","reference_id":"mfsa2023-13","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T15:43:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-14","reference_id":"mfsa2023-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-14/","reference_id":"mfsa2023-14","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T15:43:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-15","reference_id":"mfsa2023-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-15/","reference_id":"mfsa2023-15","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T15:43:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-15/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1806394","reference_id":"show_bug.cgi?id=1806394","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T15:43:12Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1806394"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/412203?format=json","purl":"pkg:apk/alpine/firefox-esr@102.10.0-r0?arch=ppc64le&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@102.10.0-r0%3Farch=ppc64le&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2023-29532"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f8c7-p8nz-bbap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/33970?format=json","vulnerability_id":"VCID-w814-2cmz-ruhz","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29535.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29535.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-29535","reference_id":"","reference_type":"","scores":[{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56009","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56006","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56019","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0035","scoring_system":"epss","scoring_elements":"0.57517","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0035","scoring_system":"epss","scoring_elements":"0.57497","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61857","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61855","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.61885","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-29535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2186103","reference_id":"2186103","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2186103"},{"reference_url":"https://security.gentoo.org/glsa/202305-35","reference_id":"GLSA-202305-35","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-35"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-13","reference_id":"mfsa2023-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-13/","reference_id":"mfsa2023-13","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:51:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-14","reference_id":"mfsa2023-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-14/","reference_id":"mfsa2023-14","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:51:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-15","reference_id":"mfsa2023-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-15/","reference_id":"mfsa2023-15","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:51:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-15/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1785","reference_id":"RHSA-2023:1785","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1785"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1786","reference_id":"RHSA-2023:1786","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1786"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1787","reference_id":"RHSA-2023:1787","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1787"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1788","reference_id":"RHSA-2023:1788","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1788"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1789","reference_id":"RHSA-2023:1789","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1789"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1790","reference_id":"RHSA-2023:1790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1791","reference_id":"RHSA-2023:1791","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1791"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1792","reference_id":"RHSA-2023:1792","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1792"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1802","reference_id":"RHSA-2023:1802","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1802"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1803","reference_id":"RHSA-2023:1803","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1803"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1804","reference_id":"RHSA-2023:1804","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1804"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1805","reference_id":"RHSA-2023:1805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1805"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1806","reference_id":"RHSA-2023:1806","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1806"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1809","reference_id":"RHSA-2023:1809","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1809"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1810","reference_id":"RHSA-2023:1810","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1810"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1811","reference_id":"RHSA-2023:1811","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1811"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1820543","reference_id":"show_bug.cgi?id=1820543","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:51:21Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1820543"},{"reference_url":"https://usn.ubuntu.com/6010-1/","reference_id":"USN-6010-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6010-1/"},{"reference_url":"https://usn.ubuntu.com/6015-1/","reference_id":"USN-6015-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6015-1/"},{"reference_url":"https://usn.ubuntu.com/6120-1/","reference_id":"USN-6120-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6120-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/412203?format=json","purl":"pkg:apk/alpine/firefox-esr@102.10.0-r0?arch=ppc64le&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@102.10.0-r0%3Farch=ppc64le&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2023-29535"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w814-2cmz-ruhz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/33969?format=json","vulnerability_id":"VCID-yhj1-h62u-mud5","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29533.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29533.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-29533","reference_id":"","reference_type":"","scores":[{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33952","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33976","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.34058","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.34019","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33988","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33946","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.34088","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-29533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2186101","reference_id":"2186101","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2186101"},{"reference_url":"https://security.gentoo.org/glsa/202305-35","reference_id":"GLSA-202305-35","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-35"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-13","reference_id":"mfsa2023-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-13/","reference_id":"mfsa2023-13","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:57:06Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-14","reference_id":"mfsa2023-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-14/","reference_id":"mfsa2023-14","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:57:06Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-15","reference_id":"mfsa2023-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-15/","reference_id":"mfsa2023-15","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:57:06Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-15/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1785","reference_id":"RHSA-2023:1785","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1785"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1786","reference_id":"RHSA-2023:1786","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1786"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1787","reference_id":"RHSA-2023:1787","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1787"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1788","reference_id":"RHSA-2023:1788","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1788"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1789","reference_id":"RHSA-2023:1789","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1789"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1790","reference_id":"RHSA-2023:1790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1791","reference_id":"RHSA-2023:1791","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1791"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1792","reference_id":"RHSA-2023:1792","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1792"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1802","reference_id":"RHSA-2023:1802","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1802"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1803","reference_id":"RHSA-2023:1803","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1803"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1804","reference_id":"RHSA-2023:1804","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1804"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1805","reference_id":"RHSA-2023:1805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1805"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1806","reference_id":"RHSA-2023:1806","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1806"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1809","reference_id":"RHSA-2023:1809","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1809"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1810","reference_id":"RHSA-2023:1810","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1810"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1811","reference_id":"RHSA-2023:1811","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1811"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1798219","reference_id":"show_bug.cgi?id=1798219","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:57:06Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1798219"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1814597","reference_id":"show_bug.cgi?id=1814597","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:57:06Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1814597"},{"reference_url":"https://usn.ubuntu.com/6010-1/","reference_id":"USN-6010-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6010-1/"},{"reference_url":"https://usn.ubuntu.com/6015-1/","reference_id":"USN-6015-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6015-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/412203?format=json","purl":"pkg:apk/alpine/firefox-esr@102.10.0-r0?arch=ppc64le&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@102.10.0-r0%3Farch=ppc64le&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2023-29533"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yhj1-h62u-mud5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/33971?format=json","vulnerability_id":"VCID-yjyu-u73t-u7bh","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29536.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29536.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-29536","reference_id":"","reference_type":"","scores":[{"value":"0.0019","scoring_system":"epss","scoring_elements":"0.40853","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0019","scoring_system":"epss","scoring_elements":"0.40872","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0019","scoring_system":"epss","scoring_elements":"0.4088","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0019","scoring_system":"epss","scoring_elements":"0.40907","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0019","scoring_system":"epss","scoring_elements":"0.40891","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0019","scoring_system":"epss","scoring_elements":"0.40884","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0019","scoring_system":"epss","scoring_elements":"0.40908","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0019","scoring_system":"epss","scoring_elements":"0.40835","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-29536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2186104","reference_id":"2186104","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2186104"},{"reference_url":"https://security.gentoo.org/glsa/202305-35","reference_id":"GLSA-202305-35","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-35"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-13","reference_id":"mfsa2023-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-13/","reference_id":"mfsa2023-13","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T15:50:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-14","reference_id":"mfsa2023-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-14/","reference_id":"mfsa2023-14","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T15:50:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-15","reference_id":"mfsa2023-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-15/","reference_id":"mfsa2023-15","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T15:50:03Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-15/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1785","reference_id":"RHSA-2023:1785","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1785"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1786","reference_id":"RHSA-2023:1786","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1786"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1787","reference_id":"RHSA-2023:1787","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1787"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1788","reference_id":"RHSA-2023:1788","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1788"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1789","reference_id":"RHSA-2023:1789","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1789"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1790","reference_id":"RHSA-2023:1790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1791","reference_id":"RHSA-2023:1791","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1791"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1792","reference_id":"RHSA-2023:1792","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1792"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1802","reference_id":"RHSA-2023:1802","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1802"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1803","reference_id":"RHSA-2023:1803","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1803"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1804","reference_id":"RHSA-2023:1804","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1804"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1805","reference_id":"RHSA-2023:1805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1805"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1806","reference_id":"RHSA-2023:1806","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1806"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1809","reference_id":"RHSA-2023:1809","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1809"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1810","reference_id":"RHSA-2023:1810","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1810"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1811","reference_id":"RHSA-2023:1811","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1811"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1821959","reference_id":"show_bug.cgi?id=1821959","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T15:50:03Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1821959"},{"reference_url":"https://usn.ubuntu.com/6010-1/","reference_id":"USN-6010-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6010-1/"},{"reference_url":"https://usn.ubuntu.com/6015-1/","reference_id":"USN-6015-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6015-1/"},{"reference_url":"https://usn.ubuntu.com/6120-1/","reference_id":"USN-6120-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6120-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/412203?format=json","purl":"pkg:apk/alpine/firefox-esr@102.10.0-r0?arch=ppc64le&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@102.10.0-r0%3Farch=ppc64le&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2023-29536"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yjyu-u73t-u7bh"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@102.10.0-r0%3Farch=ppc64le&distroversion=v3.20&reponame=community"}