{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","type":"deb","namespace":"debian","name":"firefox-esr","version":"0","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"45.0esr-1","latest_non_vulnerable_version":"140.11.0esr-1~deb13u1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9939?format=json","vulnerability_id":"VCID-11w9-tx9j-9ufb","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38497.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38497.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-38497","reference_id":"","reference_type":"","scores":[{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41728","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41736","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41747","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41562","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-38497"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2011098","reference_id":"2011098","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2011098"},{"reference_url":"https://security.archlinux.org/AVG-2443","reference_id":"AVG-2443","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2443"},{"reference_url":"https://security.archlinux.org/AVG-2459","reference_id":"AVG-2459","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2459"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-43","reference_id":"mfsa2021-43","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-43"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-45","reference_id":"mfsa2021-45","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-45"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-47","reference_id":"mfsa2021-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-47"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3755","reference_id":"RHSA-2021:3755","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3755"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3756","reference_id":"RHSA-2021:3756","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3756"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3757","reference_id":"RHSA-2021:3757","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3757"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3791","reference_id":"RHSA-2021:3791","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3791"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3838","reference_id":"RHSA-2021:3838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3839","reference_id":"RHSA-2021:3839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3840","reference_id":"RHSA-2021:3840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3841","reference_id":"RHSA-2021:3841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3841"},{"reference_url":"https://usn.ubuntu.com/5107-1/","reference_id":"USN-5107-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5107-1/"},{"reference_url":"https://usn.ubuntu.com/5132-1/","reference_id":"USN-5132-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5132-1/"},{"reference_url":"https://usn.ubuntu.com/5248-1/","reference_id":"USN-5248-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5248-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2021-38497"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-11w9-tx9j-9ufb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/183553?format=json","vulnerability_id":"VCID-19ba-mbhw-zqdw","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5271.json","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5271.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5271","reference_id":"","reference_type":"","scores":[{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.63054","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62944","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.63046","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.63058","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5271"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377661","reference_id":"1377661","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377661"},{"reference_url":"https://security.archlinux.org/ASA-201609-22","reference_id":"ASA-201609-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-22"},{"reference_url":"https://security.archlinux.org/AVG-24","reference_id":"AVG-24","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-24"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85","reference_id":"mfsa2016-85","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85"},{"reference_url":"https://usn.ubuntu.com/3076-1/","reference_id":"USN-3076-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3076-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-5271"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-19ba-mbhw-zqdw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/165015?format=json","vulnerability_id":"VCID-1bjk-1ga1-jbdf","summary":"The executable file warning was not presented when downloading .atloc and .ftploc files, which can run commands on a user's computer. <br>*Note: This issue only affected Mac OS operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox < 108, Firefox ESR < 102.6, and Thunderbird < 102.6.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46875.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46875.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-46875","reference_id":"","reference_type":"","scores":[{"value":"0.00396","scoring_system":"epss","scoring_elements":"0.60969","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00396","scoring_system":"epss","scoring_elements":"0.60972","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00396","scoring_system":"epss","scoring_elements":"0.60963","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00396","scoring_system":"epss","scoring_elements":"0.60856","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-46875"},{"reference_url":"https://security.gentoo.org/glsa/202305-06","reference_id":"202305-06","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:56:00Z/"}],"url":"https://security.gentoo.org/glsa/202305-06"},{"reference_url":"https://security.gentoo.org/glsa/202305-13","reference_id":"202305-13","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:56:00Z/"}],"url":"https://security.gentoo.org/glsa/202305-13"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2153451","reference_id":"2153451","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2153451"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-51","reference_id":"mfsa2022-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-51/","reference_id":"mfsa2022-51","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:56:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-51/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-52","reference_id":"mfsa2022-52","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-52"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-52/","reference_id":"mfsa2022-52","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:56:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-52/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-53","reference_id":"mfsa2022-53","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-53"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-53/","reference_id":"mfsa2022-53","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:56:00Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-53/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1786188","reference_id":"show_bug.cgi?id=1786188","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T13:56:00Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1786188"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2022-46875"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1bjk-1ga1-jbdf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/18078?format=json","vulnerability_id":"VCID-1rxg-fmst-qkdu","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11698.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11698.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11698","reference_id":"","reference_type":"","scores":[{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47465","published_at":"2026-06-14T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47484","published_at":"2026-06-13T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47468","published_at":"2026-06-12T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47327","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11698"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328953","reference_id":"2328953","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328953"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-63/","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:16:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-63/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-64","reference_id":"mfsa2024-64","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-64"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-64/","reference_id":"mfsa2024-64","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:16:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-64/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-67/","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:16:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-67/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-68","reference_id":"mfsa2024-68","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-68"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-68/","reference_id":"mfsa2024-68","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:16:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-68/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1916152","reference_id":"show_bug.cgi?id=1916152","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:16:08Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1916152"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2024-11698"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1rxg-fmst-qkdu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8718?format=json","vulnerability_id":"VCID-22k4-c14e-83hf","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6827.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6827.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-6827","reference_id":"","reference_type":"","scores":[{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55661","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55539","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55659","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55674","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-6827"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1821968","reference_id":"1821968","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1821968"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-13","reference_id":"mfsa2020-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-13"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2020-6827"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-22k4-c14e-83hf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/212829?format=json","vulnerability_id":"VCID-2eyc-g61c-dqes","summary":"The Mozilla Maintenance Service \"helper.exe\" application creates a temporary directory writable by non-privileged users. When this is combined with creation of a junction (a form of symbolic link), protected files in the target directory of the junction can be deleted by the Mozilla Maintenance Service, which has privileged access. Note: This attack requires local system access and only affects Windows. Other operating systems are not affected. This vulnerability affects Firefox ESR < 52.2 and Firefox < 54.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7761","reference_id":"","reference_type":"","scores":[{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24801","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.25","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.25017","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7761"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15","reference_id":"mfsa2017-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16","reference_id":"mfsa2017-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2017-7761"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2eyc-g61c-dqes"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/212841?format=json","vulnerability_id":"VCID-2pqp-k5qy-xke8","summary":"The destructor function for the \"WindowsDllDetourPatcher\" class can be re-purposed by malicious code in concert with another vulnerability to write arbitrary data to an attacker controlled location in memory. This can be used to bypass existing memory protections in this situation. Note: This attack only affects Windows operating systems. Other operating systems are not affected. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7804","reference_id":"","reference_type":"","scores":[{"value":"0.00689","scoring_system":"epss","scoring_elements":"0.72335","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00689","scoring_system":"epss","scoring_elements":"0.72342","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00689","scoring_system":"epss","scoring_elements":"0.72348","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00689","scoring_system":"epss","scoring_elements":"0.72252","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7804"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-18","reference_id":"mfsa2017-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-18"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-19","reference_id":"mfsa2017-19","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-19"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-20","reference_id":"mfsa2017-20","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-20"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2017-7804"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2pqp-k5qy-xke8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9556?format=json","vulnerability_id":"VCID-2uen-1vwd-9qaw","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-32810.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-32810.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-32810","reference_id":"","reference_type":"","scores":[{"value":"0.01094","scoring_system":"epss","scoring_elements":"0.78452","published_at":"2026-06-12T12:55:00Z"},{"value":"0.01094","scoring_system":"epss","scoring_elements":"0.78463","published_at":"2026-06-14T12:55:00Z"},{"value":"0.01094","scoring_system":"epss","scoring_elements":"0.78467","published_at":"2026-06-13T12:55:00Z"},{"value":"0.01094","scoring_system":"epss","scoring_elements":"0.78385","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-32810"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32810","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32810"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/crossbeam-rs/crossbeam","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/crossbeam-rs/crossbeam"},{"reference_url":"https://github.com/crossbeam-rs/crossbeam/security/advisories/GHSA-pqqp-xmhj-wgcw","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/crossbeam-rs/crossbeam/security/advisories/GHSA-pqqp-xmhj-wgcw"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7EZILHZDRGDPOBQ4KTW3E5PPMKLHGH5N","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7EZILHZDRGDPOBQ4KTW3E5PPMKLHGH5N"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7EZILHZDRGDPOBQ4KTW3E5PPMKLHGH5N/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7EZILHZDRGDPOBQ4KTW3E5PPMKLHGH5N/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AWHNNBJCU4EHA2X5ZAMJMGLDUYS5FEPP","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AWHNNBJCU4EHA2X5ZAMJMGLDUYS5FEPP"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AWHNNBJCU4EHA2X5ZAMJMGLDUYS5FEPP/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AWHNNBJCU4EHA2X5ZAMJMGLDUYS5FEPP/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AYBSLIYFANZLCYWOGTIYZUM26TJRH7WU","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AYBSLIYFANZLCYWOGTIYZUM26TJRH7WU"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AYBSLIYFANZLCYWOGTIYZUM26TJRH7WU/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AYBSLIYFANZLCYWOGTIYZUM26TJRH7WU/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CY5T3FCE4MUYSPKEWICLVJBBODGJ6SZE","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CY5T3FCE4MUYSPKEWICLVJBBODGJ6SZE"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CY5T3FCE4MUYSPKEWICLVJBBODGJ6SZE/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CY5T3FCE4MUYSPKEWICLVJBBODGJ6SZE/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EW5B2VTDVMJ6B3DA4VLMAMW2GGDCE2BK","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EW5B2VTDVMJ6B3DA4VLMAMW2GGDCE2BK"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EW5B2VTDVMJ6B3DA4VLMAMW2GGDCE2BK/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EW5B2VTDVMJ6B3DA4VLMAMW2GGDCE2BK/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LCIBFGBSL3JSVJQTNEDEIMZGZF23N2KE","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LCIBFGBSL3JSVJQTNEDEIMZGZF23N2KE"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LCIBFGBSL3JSVJQTNEDEIMZGZF23N2KE/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LCIBFGBSL3JSVJQTNEDEIMZGZF23N2KE/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCLMH7B7B2MF55ET4NQNPH7JWISFX4RT","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCLMH7B7B2MF55ET4NQNPH7JWISFX4RT"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCLMH7B7B2MF55ET4NQNPH7JWISFX4RT/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCLMH7B7B2MF55ET4NQNPH7JWISFX4RT/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RRPKBRXCRNGNMVFQPFD4LM3QKPEMBQQR","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RRPKBRXCRNGNMVFQPFD4LM3QKPEMBQQR"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RRPKBRXCRNGNMVFQPFD4LM3QKPEMBQQR/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RRPKBRXCRNGNMVFQPFD4LM3QKPEMBQQR/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFUBWBYCPSSXTJGEAQ67CJUNQJBOCM26","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFUBWBYCPSSXTJGEAQ67CJUNQJBOCM26"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFUBWBYCPSSXTJGEAQ67CJUNQJBOCM26/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFUBWBYCPSSXTJGEAQ67CJUNQJBOCM26/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3LSN3B43TJSFIOB3QLPBI3RCHRU5BLO","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3LSN3B43TJSFIOB3QLPBI3RCHRU5BLO"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3LSN3B43TJSFIOB3QLPBI3RCHRU5BLO/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3LSN3B43TJSFIOB3QLPBI3RCHRU5BLO/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VQZIEJQBV3S72BHD5GKJQF3NVYNRV5CF","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VQZIEJQBV3S72BHD5GKJQF3NVYNRV5CF"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VQZIEJQBV3S72BHD5GKJQF3NVYNRV5CF/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VQZIEJQBV3S72BHD5GKJQF3NVYNRV5CF/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WGB2H35CTZDHOV3VLC5BM6VFGURLLVRP","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WGB2H35CTZDHOV3VLC5BM6VFGURLLVRP"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WGB2H35CTZDHOV3VLC5BM6VFGURLLVRP/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WGB2H35CTZDHOV3VLC5BM6VFGURLLVRP/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFBZWCLG7AGLJO4A7K5IMJVPLSWZ5TJP","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFBZWCLG7AGLJO4A7K5IMJVPLSWZ5TJP"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFBZWCLG7AGLJO4A7K5IMJVPLSWZ5TJP/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFBZWCLG7AGLJO4A7K5IMJVPLSWZ5TJP/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQDIBB7VR3ER52FMSMNJPAWNDO5SITCE","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQDIBB7VR3ER52FMSMNJPAWNDO5SITCE"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQDIBB7VR3ER52FMSMNJPAWNDO5SITCE/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQDIBB7VR3ER52FMSMNJPAWNDO5SITCE/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-32810","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-32810"},{"reference_url":"https://rustsec.org/advisories/RUSTSEC-2021-0093.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://rustsec.org/advisories/RUSTSEC-2021-0093.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1990342","reference_id":"1990342","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1990342"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993146","reference_id":"993146","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993146"},{"reference_url":"https://security.archlinux.org/AVG-2443","reference_id":"AVG-2443","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2443"},{"reference_url":"https://security.archlinux.org/AVG-2459","reference_id":"AVG-2459","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2459"},{"reference_url":"https://github.com/advisories/GHSA-pqqp-xmhj-wgcw","reference_id":"GHSA-pqqp-xmhj-wgcw","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-pqqp-xmhj-wgcw"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-43","reference_id":"mfsa2021-43","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-43"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-45","reference_id":"mfsa2021-45","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-45"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-47","reference_id":"mfsa2021-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-47"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3755","reference_id":"RHSA-2021:3755","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3755"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3756","reference_id":"RHSA-2021:3756","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3756"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3757","reference_id":"RHSA-2021:3757","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3757"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3791","reference_id":"RHSA-2021:3791","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3791"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3838","reference_id":"RHSA-2021:3838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3839","reference_id":"RHSA-2021:3839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3840","reference_id":"RHSA-2021:3840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3841","reference_id":"RHSA-2021:3841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3841"},{"reference_url":"https://usn.ubuntu.com/5107-1/","reference_id":"USN-5107-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5107-1/"},{"reference_url":"https://usn.ubuntu.com/5132-1/","reference_id":"USN-5132-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5132-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2021-32810","GHSA-pqqp-xmhj-wgcw"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2uen-1vwd-9qaw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1089?format=json","vulnerability_id":"VCID-31hs-etq8-gqdc","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2805.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2805.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2805","reference_id":"","reference_type":"","scores":[{"value":"0.00922","scoring_system":"epss","scoring_elements":"0.76444","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00922","scoring_system":"epss","scoring_elements":"0.76515","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00922","scoring_system":"epss","scoring_elements":"0.76529","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00922","scoring_system":"epss","scoring_elements":"0.76524","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2805"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1979","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1979"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2808","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2808"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2814","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2814"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330266","reference_id":"1330266","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330266"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-39","reference_id":"mfsa2016-39","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-39"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0695","reference_id":"RHSA-2016:0695","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0695"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1041","reference_id":"RHSA-2016:1041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1041"},{"reference_url":"https://usn.ubuntu.com/2973-1/","reference_id":"USN-2973-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2973-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2805"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-31hs-etq8-gqdc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2035?format=json","vulnerability_id":"VCID-357f-bphq-8bde","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9071.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9071.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9071","reference_id":"","reference_type":"","scores":[{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49723","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.4973","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49586","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49742","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9071"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1395100","reference_id":"1395100","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1395100"},{"reference_url":"https://security.archlinux.org/ASA-201611-16","reference_id":"ASA-201611-16","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-16"},{"reference_url":"https://security.archlinux.org/AVG-72","reference_id":"AVG-72","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-72"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89","reference_id":"mfsa2016-89","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89"},{"reference_url":"https://usn.ubuntu.com/3124-1/","reference_id":"USN-3124-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3124-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-9071"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-357f-bphq-8bde"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/139924?format=json","vulnerability_id":"VCID-3bsf-nmms-wkg9","summary":"A website could have obscured the full screen notification by using the file open dialog. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 116, Firefox ESR < 115.2, and Thunderbird < 115.2.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4051.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4051.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4051","reference_id":"","reference_type":"","scores":[{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37871","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37884","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37858","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37681","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4051"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236076","reference_id":"2236076","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236076"},{"reference_url":"https://security.gentoo.org/glsa/202402-25","reference_id":"GLSA-202402-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-29","reference_id":"mfsa2023-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-29"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-29/","reference_id":"mfsa2023-29","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:40:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-29/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-36/","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:40:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-36/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-38/","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:40:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-38/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4945","reference_id":"RHSA-2023:4945","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4945"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4946","reference_id":"RHSA-2023:4946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4947","reference_id":"RHSA-2023:4947","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4947"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4948","reference_id":"RHSA-2023:4948","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4948"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4949","reference_id":"RHSA-2023:4949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4949"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4950","reference_id":"RHSA-2023:4950","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4951","reference_id":"RHSA-2023:4951","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4951"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4952","reference_id":"RHSA-2023:4952","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4952"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4954","reference_id":"RHSA-2023:4954","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4954"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4955","reference_id":"RHSA-2023:4955","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4955"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4956","reference_id":"RHSA-2023:4956","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4956"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4957","reference_id":"RHSA-2023:4957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4957"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4958","reference_id":"RHSA-2023:4958","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4959","reference_id":"RHSA-2023:4959","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4959"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5019","reference_id":"RHSA-2023:5019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5019"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1821884","reference_id":"show_bug.cgi?id=1821884","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:40:45Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1821884"},{"reference_url":"https://usn.ubuntu.com/6267-1/","reference_id":"USN-6267-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6267-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42184?format=json","purl":"pkg:deb/debian/firefox-esr@115.2.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.2.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-4051"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3bsf-nmms-wkg9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8719?format=json","vulnerability_id":"VCID-3deh-j4ss-4fe8","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6828.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6828.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-6828","reference_id":"","reference_type":"","scores":[{"value":"0.00355","scoring_system":"epss","scoring_elements":"0.58332","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00355","scoring_system":"epss","scoring_elements":"0.58215","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00355","scoring_system":"epss","scoring_elements":"0.58328","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00355","scoring_system":"epss","scoring_elements":"0.58344","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-6828"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1821967","reference_id":"1821967","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1821967"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-13","reference_id":"mfsa2020-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-13"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2020-6828"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3deh-j4ss-4fe8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/19716?format=json","vulnerability_id":"VCID-3hky-9bcs-9bet","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3863.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3863.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-3863","reference_id":"","reference_type":"","scores":[{"value":"0.00338","scoring_system":"epss","scoring_elements":"0.57132","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00338","scoring_system":"epss","scoring_elements":"0.57139","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00338","scoring_system":"epss","scoring_elements":"0.57124","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00338","scoring_system":"epss","scoring_elements":"0.57005","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-3863"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2275554","reference_id":"2275554","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2275554"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-18","reference_id":"mfsa2024-18","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-18"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-18/","reference_id":"mfsa2024-18","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-07T15:24:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-18/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-19","reference_id":"mfsa2024-19","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-19"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-19/","reference_id":"mfsa2024-19","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-07T15:24:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-19/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-20","reference_id":"mfsa2024-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-20/","reference_id":"mfsa2024-20","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-07T15:24:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-20/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1885855","reference_id":"show_bug.cgi?id=1885855","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-07T15:24:10Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1885855"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2024-3863"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3hky-9bcs-9bet"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8697?format=json","vulnerability_id":"VCID-3mns-1kky-uuh4","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6799.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6799.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-6799","reference_id":"","reference_type":"","scores":[{"value":"0.00471","scoring_system":"epss","scoring_elements":"0.65168","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00471","scoring_system":"epss","scoring_elements":"0.65068","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00471","scoring_system":"epss","scoring_elements":"0.65177","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00471","scoring_system":"epss","scoring_elements":"0.65179","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-6799"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1801919","reference_id":"1801919","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1801919"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-05","reference_id":"mfsa2020-05","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-05"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-06","reference_id":"mfsa2020-06","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-06"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2020-6799"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3mns-1kky-uuh4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3565?format=json","vulnerability_id":"VCID-3vbk-nx9h-kkf6","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5428.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5428.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5428","reference_id":"","reference_type":"","scores":[{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.59408","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.59411","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.59298","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.5942","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5428"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1433202","reference_id":"1433202","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1433202"},{"reference_url":"https://security.archlinux.org/ASA-201703-15","reference_id":"ASA-201703-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201703-15"},{"reference_url":"https://security.archlinux.org/AVG-219","reference_id":"AVG-219","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-219"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-08","reference_id":"mfsa2017-08","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-08"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0558","reference_id":"RHSA-2017:0558","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0558"},{"reference_url":"https://usn.ubuntu.com/3238-1/","reference_id":"USN-3238-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3238-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2017-5428"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3vbk-nx9h-kkf6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9944?format=json","vulnerability_id":"VCID-3zq7-rgzd-q7hz","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38505.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38505.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-38505","reference_id":"","reference_type":"","scores":[{"value":"0.00354","scoring_system":"epss","scoring_elements":"0.58236","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00354","scoring_system":"epss","scoring_elements":"0.58242","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00354","scoring_system":"epss","scoring_elements":"0.58252","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00354","scoring_system":"epss","scoring_elements":"0.58122","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-38505"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2019623","reference_id":"2019623","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2019623"},{"reference_url":"https://security.archlinux.org/AVG-2512","reference_id":"AVG-2512","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2512"},{"reference_url":"https://security.archlinux.org/AVG-2519","reference_id":"AVG-2519","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2519"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-48","reference_id":"mfsa2021-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-48"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-49","reference_id":"mfsa2021-49","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-49"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-50","reference_id":"mfsa2021-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-50"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2021-38505"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3zq7-rgzd-q7hz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6100?format=json","vulnerability_id":"VCID-43kk-mssb-uyes","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11694.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11694.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11694","reference_id":"","reference_type":"","scores":[{"value":"0.00309","scoring_system":"epss","scoring_elements":"0.54632","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00309","scoring_system":"epss","scoring_elements":"0.54506","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00309","scoring_system":"epss","scoring_elements":"0.54648","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11694"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1712620","reference_id":"1712620","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1712620"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-13","reference_id":"mfsa2019-13","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-14","reference_id":"mfsa2019-14","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-15","reference_id":"mfsa2019-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-15"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2019-11694"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-43kk-mssb-uyes"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2041?format=json","vulnerability_id":"VCID-44b3-nv3n-gudk","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9078","reference_id":"","reference_type":"","scores":[{"value":"0.01176","scoring_system":"epss","scoring_elements":"0.7921","published_at":"2026-06-14T12:55:00Z"},{"value":"0.01176","scoring_system":"epss","scoring_elements":"0.79135","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01176","scoring_system":"epss","scoring_elements":"0.792","published_at":"2026-06-12T12:55:00Z"},{"value":"0.01176","scoring_system":"epss","scoring_elements":"0.79214","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9078"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.archlinux.org/ASA-201612-1","reference_id":"ASA-201612-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-1"},{"reference_url":"https://security.archlinux.org/AVG-90","reference_id":"AVG-90","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-90"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-91","reference_id":"mfsa2016-91","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-91"},{"reference_url":"https://usn.ubuntu.com/3140-1/","reference_id":"USN-3140-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3140-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-9078"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-44b3-nv3n-gudk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1522?format=json","vulnerability_id":"VCID-4n6n-5t2p-83hr","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5292.json","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5292.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5292","reference_id":"","reference_type":"","scores":[{"value":"0.00858","scoring_system":"epss","scoring_elements":"0.7551","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00858","scoring_system":"epss","scoring_elements":"0.75519","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00858","scoring_system":"epss","scoring_elements":"0.7544","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00858","scoring_system":"epss","scoring_elements":"0.75524","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5292"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1395057","reference_id":"1395057","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1395057"},{"reference_url":"https://security.archlinux.org/ASA-201611-16","reference_id":"ASA-201611-16","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-16"},{"reference_url":"https://security.archlinux.org/AVG-72","reference_id":"AVG-72","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-72"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89","reference_id":"mfsa2016-89","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89"},{"reference_url":"https://usn.ubuntu.com/3124-1/","reference_id":"USN-3124-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3124-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-5292"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4n6n-5t2p-83hr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/179674?format=json","vulnerability_id":"VCID-4nb5-15dg-2yck","summary":"Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32214.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32214.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-32214","reference_id":"","reference_type":"","scores":[{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40381","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40549","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40572","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40558","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-32214"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2196743","reference_id":"2196743","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2196743"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-16","reference_id":"mfsa2023-16","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-16"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-17","reference_id":"mfsa2023-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-17"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-18","reference_id":"mfsa2023-18","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-18"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-32214"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4nb5-15dg-2yck"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/139986?format=json","vulnerability_id":"VCID-4ntn-7zea-pqc6","summary":"Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4580.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4580.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4580","reference_id":"","reference_type":"","scores":[{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.2151","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21536","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21522","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21338","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4580"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236079","reference_id":"2236079","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236079"},{"reference_url":"https://security.gentoo.org/glsa/202402-25","reference_id":"GLSA-202402-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-34","reference_id":"mfsa2023-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-34/","reference_id":"mfsa2023-34","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:01:48Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-34/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-36/","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:01:48Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-36/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-38/","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:01:48Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-38/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4945","reference_id":"RHSA-2023:4945","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4945"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4946","reference_id":"RHSA-2023:4946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4947","reference_id":"RHSA-2023:4947","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4947"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4948","reference_id":"RHSA-2023:4948","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4948"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4949","reference_id":"RHSA-2023:4949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4949"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4950","reference_id":"RHSA-2023:4950","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4951","reference_id":"RHSA-2023:4951","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4951"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4952","reference_id":"RHSA-2023:4952","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4952"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4954","reference_id":"RHSA-2023:4954","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4954"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4955","reference_id":"RHSA-2023:4955","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4955"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4956","reference_id":"RHSA-2023:4956","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4956"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4957","reference_id":"RHSA-2023:4957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4957"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4958","reference_id":"RHSA-2023:4958","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4959","reference_id":"RHSA-2023:4959","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4959"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5019","reference_id":"RHSA-2023:5019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5019"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1843046","reference_id":"show_bug.cgi?id=1843046","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:01:48Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1843046"},{"reference_url":"https://usn.ubuntu.com/6320-1/","reference_id":"USN-6320-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6320-1/"},{"reference_url":"https://usn.ubuntu.com/6405-1/","reference_id":"USN-6405-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6405-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42184?format=json","purl":"pkg:deb/debian/firefox-esr@115.2.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.2.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-4580"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4ntn-7zea-pqc6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/39267?format=json","vulnerability_id":"VCID-5d5f-rvnf-qkgz","summary":"On Windows 10, when using the 'Save As' functionality, an attacker could have tricked the browser into saving the file with a disallowed extension such as `.url` by including an invalid character in the extension. *Note:* This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5692.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5692.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-5692","reference_id":"","reference_type":"","scores":[{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.55269","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.55145","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.55266","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.55282","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-5692"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2291398","reference_id":"2291398","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2291398"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-25","reference_id":"mfsa2024-25","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-25"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-25/","reference_id":"mfsa2024-25","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:54:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-25/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-26","reference_id":"mfsa2024-26","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-26"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-26/","reference_id":"mfsa2024-26","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:54:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-26/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-28","reference_id":"mfsa2024-28","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-28"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-28/","reference_id":"mfsa2024-28","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:54:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-28/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1891234","reference_id":"show_bug.cgi?id=1891234","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:54:09Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1891234"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2024-5692"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5d5f-rvnf-qkgz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/29890?format=json","vulnerability_id":"VCID-5f21-qac3-yfg1","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4712.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4712.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4712","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03843","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03831","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03841","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04973","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4712"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450728","reference_id":"2450728","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450728"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-20/","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:49:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-22/","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:49:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-22/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-23/","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:49:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-23/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-24/","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:49:31Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-24/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5930","reference_id":"RHSA-2026:5930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5931","reference_id":"RHSA-2026:5931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5932","reference_id":"RHSA-2026:5932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6188","reference_id":"RHSA-2026:6188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6342","reference_id":"RHSA-2026:6342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6917","reference_id":"RHSA-2026:6917","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6917"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7837","reference_id":"RHSA-2026:7837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7838","reference_id":"RHSA-2026:7838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7839","reference_id":"RHSA-2026:7839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7840","reference_id":"RHSA-2026:7840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7841","reference_id":"RHSA-2026:7841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7842","reference_id":"RHSA-2026:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7843","reference_id":"RHSA-2026:7843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7845","reference_id":"RHSA-2026:7845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7858","reference_id":"RHSA-2026:7858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8284","reference_id":"RHSA-2026:8284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8285","reference_id":"RHSA-2026:8285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8286","reference_id":"RHSA-2026:8286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8287","reference_id":"RHSA-2026:8287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8287"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8288","reference_id":"RHSA-2026:8288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8289","reference_id":"RHSA-2026:8289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8289"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8290","reference_id":"RHSA-2026:8290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8315","reference_id":"RHSA-2026:8315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8427","reference_id":"RHSA-2026:8427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8850","reference_id":"RHSA-2026:8850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8850"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2017666","reference_id":"show_bug.cgi?id=2017666","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T17:49:31Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2017666"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-4712"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5f21-qac3-yfg1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1095?format=json","vulnerability_id":"VCID-5qe6-vvry-9yaz","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2811.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2811.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2811","reference_id":"","reference_type":"","scores":[{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82943","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.83004","published_at":"2026-06-12T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.83013","published_at":"2026-06-13T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.83008","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2811"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330275","reference_id":"1330275","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330275"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2811","reference_id":"CVE-2016-2811","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2811"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-42","reference_id":"mfsa2016-42","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-42"},{"reference_url":"https://usn.ubuntu.com/2936-1/","reference_id":"USN-2936-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2936-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2811"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5qe6-vvry-9yaz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/212935?format=json","vulnerability_id":"VCID-62jd-wpqg-wbfh","summary":"Out of bounds read in ANGLE allowed a remote attacker to obtain sensitive data via a crafted HTML page.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-16048.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-16048.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-16048","reference_id":"","reference_type":"","scores":[{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41368","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41534","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41552","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41542","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-16048"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1926979","reference_id":"1926979","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1926979"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-06","reference_id":"mfsa2021-06","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-06"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2020-16048"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-62jd-wpqg-wbfh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2040?format=json","vulnerability_id":"VCID-67pz-pdta-a7gp","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9077.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9077.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9077","reference_id":"","reference_type":"","scores":[{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38332","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38344","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38157","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38355","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9077"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1395099","reference_id":"1395099","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1395099"},{"reference_url":"https://security.archlinux.org/ASA-201611-16","reference_id":"ASA-201611-16","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-16"},{"reference_url":"https://security.archlinux.org/AVG-72","reference_id":"AVG-72","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-72"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89","reference_id":"mfsa2016-89","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89"},{"reference_url":"https://usn.ubuntu.com/3124-1/","reference_id":"USN-3124-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3124-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-9077"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-67pz-pdta-a7gp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/196998?format=json","vulnerability_id":"VCID-67sg-az4a-pue7","summary":"multiple issues","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5379","reference_id":"","reference_type":"","scores":[{"value":"0.01753","scoring_system":"epss","scoring_elements":"0.82985","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01753","scoring_system":"epss","scoring_elements":"0.83046","published_at":"2026-06-12T12:55:00Z"},{"value":"0.01753","scoring_system":"epss","scoring_elements":"0.83055","published_at":"2026-06-13T12:55:00Z"},{"value":"0.01753","scoring_system":"epss","scoring_elements":"0.8305","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5379"},{"reference_url":"https://security.archlinux.org/ASA-201701-39","reference_id":"ASA-201701-39","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-39"},{"reference_url":"https://security.archlinux.org/AVG-157","reference_id":"AVG-157","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-157"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01","reference_id":"mfsa2017-01","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01"},{"reference_url":"https://usn.ubuntu.com/3175-1/","reference_id":"USN-3175-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3175-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2017-5379"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-67sg-az4a-pue7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/185120?format=json","vulnerability_id":"VCID-69ak-pqyb-5fc2","summary":"Multiple vulnerabilities have been found in Mozilla Firefox, the\n    worst of which may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12381.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12381.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12381","reference_id":"","reference_type":"","scores":[{"value":"0.00637","scoring_system":"epss","scoring_elements":"0.71074","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00637","scoring_system":"epss","scoring_elements":"0.70973","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00637","scoring_system":"epss","scoring_elements":"0.71063","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00637","scoring_system":"epss","scoring_elements":"0.71076","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12381"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1625529","reference_id":"1625529","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1625529"},{"reference_url":"https://security.gentoo.org/glsa/201810-01","reference_id":"GLSA-201810-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201810-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2018-20","reference_id":"mfsa2018-20","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2018-20"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2018-21","reference_id":"mfsa2018-21","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2018-21"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2018-12381"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-69ak-pqyb-5fc2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/183558?format=json","vulnerability_id":"VCID-6jpw-vg58-gked","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5283.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5283.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5283","reference_id":"","reference_type":"","scores":[{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.51362","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.5123","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.51361","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.51375","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5283"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377670","reference_id":"1377670","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377670"},{"reference_url":"https://security.archlinux.org/ASA-201609-22","reference_id":"ASA-201609-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-22"},{"reference_url":"https://security.archlinux.org/AVG-24","reference_id":"AVG-24","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-24"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85","reference_id":"mfsa2016-85","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85"},{"reference_url":"https://usn.ubuntu.com/3076-1/","reference_id":"USN-3076-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3076-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-5283"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6jpw-vg58-gked"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/212838?format=json","vulnerability_id":"VCID-6vu7-kuzb-9fen","summary":"An error in the \"WindowsDllDetourPatcher\" where a RWX (\"Read/Write/Execute\") 4k block is allocated but never protected, violating DEP protections. Note: This attack only affects Windows operating systems. Other operating systems are not affected. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7782","reference_id":"","reference_type":"","scores":[{"value":"0.0051","scoring_system":"epss","scoring_elements":"0.66826","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0051","scoring_system":"epss","scoring_elements":"0.66919","published_at":"2026-06-12T12:55:00Z"},{"value":"0.0051","scoring_system":"epss","scoring_elements":"0.66933","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7782"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-18","reference_id":"mfsa2017-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-18"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-19","reference_id":"mfsa2017-19","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-19"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-20","reference_id":"mfsa2017-20","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-20"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2017-7782"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6vu7-kuzb-9fen"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/212921?format=json","vulnerability_id":"VCID-6xs5-m7ar-g3cj","summary":"The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, it could have resulted in command injection and arbitrary command execution. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12393.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12393.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12393","reference_id":"","reference_type":"","scores":[{"value":"0.00467","scoring_system":"epss","scoring_elements":"0.64887","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00467","scoring_system":"epss","scoring_elements":"0.64988","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00467","scoring_system":"epss","scoring_elements":"0.65","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00467","scoring_system":"epss","scoring_elements":"0.64996","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12393"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1831946","reference_id":"1831946","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1831946"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-16","reference_id":"mfsa2020-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-16"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-17","reference_id":"mfsa2020-17","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-17"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-18","reference_id":"mfsa2020-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-18"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2020-12393"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6xs5-m7ar-g3cj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1116?format=json","vulnerability_id":"VCID-6ypx-faq3-xyf8","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2834.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2834.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2834","reference_id":"","reference_type":"","scores":[{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.61075","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.61181","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.6119","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.61185","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1978","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1978"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1979","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1979"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2834"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1347908","reference_id":"1347908","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1347908"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-61","reference_id":"mfsa2016-61","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-61"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2779","reference_id":"RHSA-2016:2779","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2779"},{"reference_url":"https://usn.ubuntu.com/2993-1/","reference_id":"USN-2993-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2993-1/"},{"reference_url":"https://usn.ubuntu.com/3029-1/","reference_id":"USN-3029-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3029-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2834"],"risk_score":1.2,"exploitability":"0.5","weighted_severity":"2.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6ypx-faq3-xyf8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7886?format=json","vulnerability_id":"VCID-7cj1-e8h5-vfdm","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15663.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15663.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15663","reference_id":"","reference_type":"","scores":[{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.74009","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73936","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.74024","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15663"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1872530","reference_id":"1872530","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1872530"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-36","reference_id":"mfsa2020-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-36"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-37","reference_id":"mfsa2020-37","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-37"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-38","reference_id":"mfsa2020-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-38"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-40","reference_id":"mfsa2020-40","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-40"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-41","reference_id":"mfsa2020-41","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-41"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2020-15663"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7cj1-e8h5-vfdm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2211?format=json","vulnerability_id":"VCID-7jjh-whu4-ryaj","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9894","reference_id":"","reference_type":"","scores":[{"value":"0.01889","scoring_system":"epss","scoring_elements":"0.83654","published_at":"2026-06-14T12:55:00Z"},{"value":"0.01889","scoring_system":"epss","scoring_elements":"0.83588","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01889","scoring_system":"epss","scoring_elements":"0.83647","published_at":"2026-06-12T12:55:00Z"},{"value":"0.01889","scoring_system":"epss","scoring_elements":"0.83657","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9894"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.archlinux.org/ASA-201612-15","reference_id":"ASA-201612-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-15"},{"reference_url":"https://security.archlinux.org/AVG-106","reference_id":"AVG-106","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-106"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-94","reference_id":"mfsa2016-94","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-94"},{"reference_url":"https://usn.ubuntu.com/3155-1/","reference_id":"USN-3155-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3155-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-9894"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7jjh-whu4-ryaj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9940?format=json","vulnerability_id":"VCID-7mwh-wn9x-mbff","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38498.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38498.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-38498","reference_id":"","reference_type":"","scores":[{"value":"0.00645","scoring_system":"epss","scoring_elements":"0.71267","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00645","scoring_system":"epss","scoring_elements":"0.71278","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00645","scoring_system":"epss","scoring_elements":"0.7128","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00645","scoring_system":"epss","scoring_elements":"0.71177","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-38498"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2011099","reference_id":"2011099","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2011099"},{"reference_url":"https://security.archlinux.org/AVG-2443","reference_id":"AVG-2443","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2443"},{"reference_url":"https://security.archlinux.org/AVG-2459","reference_id":"AVG-2459","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2459"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-43","reference_id":"mfsa2021-43","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-43"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-45","reference_id":"mfsa2021-45","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-45"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-47","reference_id":"mfsa2021-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-47"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3755","reference_id":"RHSA-2021:3755","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3755"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3756","reference_id":"RHSA-2021:3756","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3756"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3757","reference_id":"RHSA-2021:3757","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3757"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3791","reference_id":"RHSA-2021:3791","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3791"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3838","reference_id":"RHSA-2021:3838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3839","reference_id":"RHSA-2021:3839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3840","reference_id":"RHSA-2021:3840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3841","reference_id":"RHSA-2021:3841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3841"},{"reference_url":"https://usn.ubuntu.com/5107-1/","reference_id":"USN-5107-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5107-1/"},{"reference_url":"https://usn.ubuntu.com/5132-1/","reference_id":"USN-5132-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5132-1/"},{"reference_url":"https://usn.ubuntu.com/5248-1/","reference_id":"USN-5248-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5248-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2021-38498"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7mwh-wn9x-mbff"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/212913?format=json","vulnerability_id":"VCID-7njh-b1b6-87ey","summary":"During the initialization of a new content process, a pointer offset can be manipulated leading to memory corruption and a potentially exploitable crash in the parent process. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17015.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17015.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-17015","reference_id":"","reference_type":"","scores":[{"value":"0.00932","scoring_system":"epss","scoring_elements":"0.76578","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00932","scoring_system":"epss","scoring_elements":"0.76647","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00932","scoring_system":"epss","scoring_elements":"0.76662","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00932","scoring_system":"epss","scoring_elements":"0.76657","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-17015"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1788722","reference_id":"1788722","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1788722"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-01","reference_id":"mfsa2020-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-02","reference_id":"mfsa2020-02","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-04","reference_id":"mfsa2020-04","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-04"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2019-17015"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7njh-b1b6-87ey"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/17876?format=json","vulnerability_id":"VCID-824p-a2wh-h7b9","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5727.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5727.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5727","reference_id":"","reference_type":"","scores":[{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.4399","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43828","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43983","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.44002","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5727"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2245902","reference_id":"2245902","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2245902"},{"reference_url":"https://security.gentoo.org/glsa/202402-25","reference_id":"GLSA-202402-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-45","reference_id":"mfsa2023-45","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-45"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-45/","reference_id":"mfsa2023-45","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:47:05Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-45/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-46","reference_id":"mfsa2023-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-46/","reference_id":"mfsa2023-46","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:47:05Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-47","reference_id":"mfsa2023-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-47"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-47/","reference_id":"mfsa2023-47","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:47:05Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-47/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1847180","reference_id":"show_bug.cgi?id=1847180","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:47:05Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1847180"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-5727"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-824p-a2wh-h7b9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/18364?format=json","vulnerability_id":"VCID-87gy-7875-7fg2","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2605.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2605.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-2605","reference_id":"","reference_type":"","scores":[{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39609","published_at":"2026-06-14T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39619","published_at":"2026-06-13T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39595","published_at":"2026-06-12T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39424","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-2605"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2270659","reference_id":"2270659","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2270659"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-12","reference_id":"mfsa2024-12","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-12"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-12/","reference_id":"mfsa2024-12","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-19T14:48:39Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-12/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-13","reference_id":"mfsa2024-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-13/","reference_id":"mfsa2024-13","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-19T14:48:39Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-14","reference_id":"mfsa2024-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-14/","reference_id":"mfsa2024-14","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-19T14:48:39Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-14/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1872920","reference_id":"show_bug.cgi?id=1872920","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-19T14:48:39Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1872920"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2024-2605"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-87gy-7875-7fg2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/25532?format=json","vulnerability_id":"VCID-8966-aewf-27f6","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5265.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5265.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-5265","reference_id":"","reference_type":"","scores":[{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18936","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.1896","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18943","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18779","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-5265"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2368748","reference_id":"2368748","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2368748"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-42","reference_id":"mfsa2025-42","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-42"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-42/","reference_id":"mfsa2025-42","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-42/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-43","reference_id":"mfsa2025-43","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-43"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-43/","reference_id":"mfsa2025-43","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-43/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-44","reference_id":"mfsa2025-44","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-44"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-44/","reference_id":"mfsa2025-44","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-44/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-45","reference_id":"mfsa2025-45","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-45"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-45/","reference_id":"mfsa2025-45","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-45/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-46","reference_id":"mfsa2025-46","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-46/","reference_id":"mfsa2025-46","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-46/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1962301","reference_id":"show_bug.cgi?id=1962301","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-28T03:55:57Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1962301"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2025-5265"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8966-aewf-27f6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/139822?format=json","vulnerability_id":"VCID-8f5p-vpt4-yyb5","summary":"Due to large allocation checks in Angle for glsl shaders being too lenient a buffer overflow could have occured when allocating too much private shader memory on mac OS. \n*This bug only affects Firefox on macOS. Other operating systems are unaffected.* This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4582.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4582.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4582","reference_id":"","reference_type":"","scores":[{"value":"0.00657","scoring_system":"epss","scoring_elements":"0.71599","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00657","scoring_system":"epss","scoring_elements":"0.71503","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00657","scoring_system":"epss","scoring_elements":"0.71589","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00657","scoring_system":"epss","scoring_elements":"0.71601","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4582"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236081","reference_id":"2236081","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236081"},{"reference_url":"https://security.gentoo.org/glsa/202402-25","reference_id":"GLSA-202402-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-34","reference_id":"mfsa2023-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-34/","reference_id":"mfsa2023-34","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T20:00:26Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-34/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-36/","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T20:00:26Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-36/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-38/","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T20:00:26Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-38/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1773874","reference_id":"show_bug.cgi?id=1773874","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T20:00:26Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1773874"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-4582"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8f5p-vpt4-yyb5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/128983?format=json","vulnerability_id":"VCID-8jdx-sc77-tybh","summary":"After downloading a Windows <code>.url</code> shortcut from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system. This also had the potential to leak NTLM credentials to the resource.<br>*This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25734.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25734.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25734","reference_id":"","reference_type":"","scores":[{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39478","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.3949","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39465","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00179","scoring_system":"epss","scoring_elements":"0.39295","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25734"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170384","reference_id":"2170384","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170384"},{"reference_url":"https://security.gentoo.org/glsa/202305-35","reference_id":"GLSA-202305-35","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-35"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-05","reference_id":"mfsa2023-05","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-05/","reference_id":"mfsa2023-05","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-05/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-06","reference_id":"mfsa2023-06","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-06"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-06/","reference_id":"mfsa2023-06","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-06/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-07","reference_id":"mfsa2023-07","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-07"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-07/","reference_id":"mfsa2023-07","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-07/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1784451","reference_id":"show_bug.cgi?id=1784451","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:56Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1784451"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1809923","reference_id":"show_bug.cgi?id=1809923","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:56Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1809923"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1810143","reference_id":"show_bug.cgi?id=1810143","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:56Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1810143"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1812338","reference_id":"show_bug.cgi?id=1812338","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:56Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1812338"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-25734"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8jdx-sc77-tybh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4623?format=json","vulnerability_id":"VCID-8r46-96b2-xbd7","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12368.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12368.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12368","reference_id":"","reference_type":"","scores":[{"value":"0.01854","scoring_system":"epss","scoring_elements":"0.83492","published_at":"2026-06-12T12:55:00Z"},{"value":"0.01854","scoring_system":"epss","scoring_elements":"0.83432","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01854","scoring_system":"epss","scoring_elements":"0.83498","published_at":"2026-06-14T12:55:00Z"},{"value":"0.01854","scoring_system":"epss","scoring_elements":"0.83501","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12368"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1595033","reference_id":"1595033","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1595033"},{"reference_url":"https://security.gentoo.org/glsa/201810-01","reference_id":"GLSA-201810-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201810-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2018-15","reference_id":"mfsa2018-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2018-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2018-16","reference_id":"mfsa2018-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2018-16"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2018-17","reference_id":"mfsa2018-17","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2018-17"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2018-18","reference_id":"mfsa2018-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2018-18"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2018-19","reference_id":"mfsa2018-19","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2018-19"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2018-12368"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8r46-96b2-xbd7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/212835?format=json","vulnerability_id":"VCID-94gd-8ska-tueq","summary":"The Mozilla Maintenance Service can be invoked by an unprivileged user to read 32 bytes of any arbitrary file on the local system by convincing the service that it is reading a status file provided by the Mozilla Windows Updater. The Mozilla Maintenance Service executes with privileged access, bypassing system protections against unprivileged users. Note: This attack requires local system access and only affects Windows. Other operating systems are not affected. This vulnerability affects Firefox ESR < 52.2 and Firefox < 54.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7768","reference_id":"","reference_type":"","scores":[{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14764","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14885","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14884","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14855","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7768"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15","reference_id":"mfsa2017-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16","reference_id":"mfsa2017-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2017-7768"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-94gd-8ska-tueq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5112?format=json","vulnerability_id":"VCID-99dw-9mfj-9kge","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18335.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18335.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18335","reference_id":"","reference_type":"","scores":[{"value":"0.04343","scoring_system":"epss","scoring_elements":"0.89216","published_at":"2026-06-14T12:55:00Z"},{"value":"0.04343","scoring_system":"epss","scoring_elements":"0.8917","published_at":"2026-06-11T12:55:00Z"},{"value":"0.04343","scoring_system":"epss","scoring_elements":"0.89208","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18335"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17480","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17480"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17481","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17481"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18335","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18335"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18336","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18336"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18337","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18337"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18338","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18338"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18339","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18339"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18340","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18340"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18341","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18341"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18342","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18342"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18343","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18343"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18344","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18344"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18345","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18345"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18346","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18346"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18347","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18347"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18348","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18348"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18349","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18349"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18350","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18350"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18351","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18354","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18354"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18355","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18355"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18356","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18356"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18357","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18357"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18358","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18359","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18359"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20065","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20065"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20066","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20066"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20067","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20067"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20068","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20068"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20070","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20070"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20346","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20346"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1656549","reference_id":"1656549","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1656549"},{"reference_url":"https://security.archlinux.org/ASA-201812-2","reference_id":"ASA-201812-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201812-2"},{"reference_url":"https://security.archlinux.org/ASA-201902-23","reference_id":"ASA-201902-23","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201902-23"},{"reference_url":"https://security.archlinux.org/AVG-824","reference_id":"AVG-824","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-824"},{"reference_url":"https://security.archlinux.org/AVG-908","reference_id":"AVG-908","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-908"},{"reference_url":"https://security.gentoo.org/glsa/201904-07","reference_id":"GLSA-201904-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201904-07"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-05","reference_id":"mfsa2019-05","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-05"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-06","reference_id":"mfsa2019-06","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3803","reference_id":"RHSA-2018:3803","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:3803"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2018-18335"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-99dw-9mfj-9kge"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/212918?format=json","vulnerability_id":"VCID-9c48-jz6g-8yh3","summary":"Firefox will accept any registered Program ID as an external protocol handler and offer to launch this local application when given a matching URL on Windows operating systems. This should only happen if the program has specifically registered itself as a \"URL Handler\" in the Windows registry. *Note: This issue only affects Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9801.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9801.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9801","reference_id":"","reference_type":"","scores":[{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.50968","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.51099","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.51112","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00273","scoring_system":"epss","scoring_elements":"0.511","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9801"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1690682","reference_id":"1690682","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1690682"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-07","reference_id":"mfsa2019-07","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-07"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-08","reference_id":"mfsa2019-08","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-11","reference_id":"mfsa2019-11","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-11"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2019-9801"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9c48-jz6g-8yh3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9936?format=json","vulnerability_id":"VCID-9qws-hebg-uqce","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38492.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38492.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-38492","reference_id":"","reference_type":"","scores":[{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61595","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61599","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61603","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61492","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-38492"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2002118","reference_id":"2002118","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2002118"},{"reference_url":"https://security.archlinux.org/AVG-2351","reference_id":"AVG-2351","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2351"},{"reference_url":"https://security.archlinux.org/AVG-2353","reference_id":"AVG-2353","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2353"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-38","reference_id":"mfsa2021-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-38"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-39","reference_id":"mfsa2021-39","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-39"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-40","reference_id":"mfsa2021-40","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-40"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-41","reference_id":"mfsa2021-41","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-41"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-42","reference_id":"mfsa2021-42","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-42"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2021-38492"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9qws-hebg-uqce"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/173664?format=json","vulnerability_id":"VCID-9tac-6ypm-qydc","summary":"A Time-of-Check Time-of-Use bug existed in the Maintenance (Updater) Service that could be abused to grant Users write access to an arbitrary directory. This could have been used to escalate to SYSTEM access.<br>*This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 97, Thunderbird < 91.6, and Firefox ESR < 91.6.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22753.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22753.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22753","reference_id":"","reference_type":"","scores":[{"value":"0.00362","scoring_system":"epss","scoring_elements":"0.58797","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00362","scoring_system":"epss","scoring_elements":"0.58682","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00362","scoring_system":"epss","scoring_elements":"0.58794","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00362","scoring_system":"epss","scoring_elements":"0.58808","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22753"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2053241","reference_id":"2053241","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2053241"},{"reference_url":"https://security.gentoo.org/glsa/202202-03","reference_id":"GLSA-202202-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202202-03"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-04","reference_id":"mfsa2022-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-04"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-04/","reference_id":"mfsa2022-04","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:47:11Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-04/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-05","reference_id":"mfsa2022-05","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-05/","reference_id":"mfsa2022-05","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:47:11Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-05/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-06","reference_id":"mfsa2022-06","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-06"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-06/","reference_id":"mfsa2022-06","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:47:11Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-06/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1732435","reference_id":"show_bug.cgi?id=1732435","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T14:47:11Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1732435"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2022-22753"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9tac-6ypm-qydc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75425?format=json","vulnerability_id":"VCID-9tg8-5ktq-73ad","summary":"Use-after-free in the Widget: Cocoa component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6759.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6759.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6759","reference_id":"","reference_type":"","scores":[{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.2113","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.21148","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.21129","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20953","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6759"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460094","reference_id":"2460094","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460094"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-30"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-30/","reference_id":"mfsa2026-30","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:06:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-30/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-32/","reference_id":"mfsa2026-32","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:06:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-32/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-33/","reference_id":"mfsa2026-33","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:06:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-34/","reference_id":"mfsa2026-34","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:06:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-34/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10757","reference_id":"RHSA-2026:10757","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10757"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10766","reference_id":"RHSA-2026:10766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10767","reference_id":"RHSA-2026:10767","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10767"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12285","reference_id":"RHSA-2026:12285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13537","reference_id":"RHSA-2026:13537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15892","reference_id":"RHSA-2026:15892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17477","reference_id":"RHSA-2026:17477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17477"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17687","reference_id":"RHSA-2026:17687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17688","reference_id":"RHSA-2026:17688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17689","reference_id":"RHSA-2026:17689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17690","reference_id":"RHSA-2026:17690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19041","reference_id":"RHSA-2026:19041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19131","reference_id":"RHSA-2026:19131","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19201","reference_id":"RHSA-2026:19201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19348","reference_id":"RHSA-2026:19348","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19348"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19461","reference_id":"RHSA-2026:19461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19462","reference_id":"RHSA-2026:19462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19463","reference_id":"RHSA-2026:19463","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19464","reference_id":"RHSA-2026:19464","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19464"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19465","reference_id":"RHSA-2026:19465","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19465"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19466","reference_id":"RHSA-2026:19466","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19466"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19467","reference_id":"RHSA-2026:19467","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19467"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19468","reference_id":"RHSA-2026:19468","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19468"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19469","reference_id":"RHSA-2026:19469","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19469"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19542","reference_id":"RHSA-2026:19542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19655","reference_id":"RHSA-2026:19655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19704","reference_id":"RHSA-2026:19704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19704"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2016164","reference_id":"show_bug.cgi?id=2016164","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:06:08Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2016164"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-6759"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9tg8-5ktq-73ad"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1121?format=json","vulnerability_id":"VCID-9tzr-adwz-rqa3","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2839.json","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2839.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2839","reference_id":"","reference_type":"","scores":[{"value":"0.00748","scoring_system":"epss","scoring_elements":"0.73631","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00748","scoring_system":"epss","scoring_elements":"0.73544","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00748","scoring_system":"epss","scoring_elements":"0.73618","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00748","scoring_system":"epss","scoring_elements":"0.73633","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2839"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361977","reference_id":"1361977","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2839","reference_id":"CVE-2016-2839","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2839"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-65","reference_id":"mfsa2016-65","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-65"},{"reference_url":"https://usn.ubuntu.com/3044-1/","reference_id":"USN-3044-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3044-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2839"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9tzr-adwz-rqa3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/183554?format=json","vulnerability_id":"VCID-a3ub-hkr4-pydw","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5273.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5273.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5273","reference_id":"","reference_type":"","scores":[{"value":"0.00691","scoring_system":"epss","scoring_elements":"0.72375","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00691","scoring_system":"epss","scoring_elements":"0.72285","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00691","scoring_system":"epss","scoring_elements":"0.72368","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00691","scoring_system":"epss","scoring_elements":"0.72381","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5273"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377669","reference_id":"1377669","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377669"},{"reference_url":"https://security.archlinux.org/ASA-201609-22","reference_id":"ASA-201609-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-22"},{"reference_url":"https://security.archlinux.org/AVG-24","reference_id":"AVG-24","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-24"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85","reference_id":"mfsa2016-85","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85"},{"reference_url":"https://usn.ubuntu.com/3076-1/","reference_id":"USN-3076-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3076-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-5273"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a3ub-hkr4-pydw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/212806?format=json","vulnerability_id":"VCID-ae1p-hwkc-hfgf","summary":"Mozilla Firefox before 3.6 is vulnerable to XSS via the rendering of Cascading Style Sheets","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2670","reference_id":"","reference_type":"","scores":[{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47527","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47668","published_at":"2026-06-12T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47683","published_at":"2026-06-13T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47664","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2670"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2011-2670"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ae1p-hwkc-hfgf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/29889?format=json","vulnerability_id":"VCID-afc5-httk-83bh","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4711.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4711.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4711","reference_id":"","reference_type":"","scores":[{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07754","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07759","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07731","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07766","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4711"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450733","reference_id":"2450733","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450733"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-20/","reference_id":"mfsa2026-20","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T16:25:02Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-22"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-22/","reference_id":"mfsa2026-22","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T16:25:02Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-22/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-23"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-23/","reference_id":"mfsa2026-23","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T16:25:02Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-23/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-24"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-24/","reference_id":"mfsa2026-24","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T16:25:02Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-24/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5930","reference_id":"RHSA-2026:5930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5931","reference_id":"RHSA-2026:5931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5932","reference_id":"RHSA-2026:5932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6188","reference_id":"RHSA-2026:6188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6342","reference_id":"RHSA-2026:6342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6917","reference_id":"RHSA-2026:6917","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6917"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7837","reference_id":"RHSA-2026:7837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7838","reference_id":"RHSA-2026:7838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7839","reference_id":"RHSA-2026:7839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7840","reference_id":"RHSA-2026:7840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7841","reference_id":"RHSA-2026:7841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7842","reference_id":"RHSA-2026:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7843","reference_id":"RHSA-2026:7843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7845","reference_id":"RHSA-2026:7845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7858","reference_id":"RHSA-2026:7858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8284","reference_id":"RHSA-2026:8284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8285","reference_id":"RHSA-2026:8285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8286","reference_id":"RHSA-2026:8286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8287","reference_id":"RHSA-2026:8287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8287"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8288","reference_id":"RHSA-2026:8288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8289","reference_id":"RHSA-2026:8289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8289"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8290","reference_id":"RHSA-2026:8290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8315","reference_id":"RHSA-2026:8315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8427","reference_id":"RHSA-2026:8427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8850","reference_id":"RHSA-2026:8850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8850"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2017002","reference_id":"show_bug.cgi?id=2017002","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-25T16:25:02Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2017002"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-4711"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-afc5-httk-83bh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3990?format=json","vulnerability_id":"VCID-avqh-n6pe-dudy","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7825.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7825.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7825","reference_id":"","reference_type":"","scores":[{"value":"0.0171","scoring_system":"epss","scoring_elements":"0.82804","published_at":"2026-06-12T12:55:00Z"},{"value":"0.0171","scoring_system":"epss","scoring_elements":"0.82807","published_at":"2026-06-14T12:55:00Z"},{"value":"0.0171","scoring_system":"epss","scoring_elements":"0.82742","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0171","scoring_system":"epss","scoring_elements":"0.82811","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7825"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:N"},{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1496657","reference_id":"1496657","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1496657"},{"reference_url":"https://security.gentoo.org/glsa/201803-14","reference_id":"GLSA-201803-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-21","reference_id":"mfsa2017-21","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-21"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-22","reference_id":"mfsa2017-22","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-22"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-23","reference_id":"mfsa2017-23","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-23"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2017-7825"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-avqh-n6pe-dudy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1506?format=json","vulnerability_id":"VCID-ax2b-cu44-gfa3","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5255.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5255.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5255","reference_id":"","reference_type":"","scores":[{"value":"0.01098","scoring_system":"epss","scoring_elements":"0.78501","published_at":"2026-06-14T12:55:00Z"},{"value":"0.01098","scoring_system":"epss","scoring_elements":"0.78423","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01098","scoring_system":"epss","scoring_elements":"0.7849","published_at":"2026-06-12T12:55:00Z"},{"value":"0.01098","scoring_system":"epss","scoring_elements":"0.78505","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5255"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:S/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361981","reference_id":"1361981","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361981"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5255","reference_id":"CVE-2016-5255","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5255"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-71","reference_id":"mfsa2016-71","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-71"},{"reference_url":"https://usn.ubuntu.com/3044-1/","reference_id":"USN-3044-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3044-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-5255"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ax2b-cu44-gfa3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7394?format=json","vulnerability_id":"VCID-az7u-88nn-yufu","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9794.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9794.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9794","reference_id":"","reference_type":"","scores":[{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.6936","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.69268","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.69369","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00576","scoring_system":"epss","scoring_elements":"0.69372","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9794"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1690679","reference_id":"1690679","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1690679"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-07","reference_id":"mfsa2019-07","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-07"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-08","reference_id":"mfsa2019-08","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-08"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-11","reference_id":"mfsa2019-11","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-11"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2019-9794"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-az7u-88nn-yufu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/212927?format=json","vulnerability_id":"VCID-b2jd-cd1y-4qdy","summary":"Given an installed malicious file picker application, an attacker was able to steal and upload local files of their choosing, regardless of the actually files picked. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.11.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15649.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15649.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15649","reference_id":"","reference_type":"","scores":[{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37286","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37463","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37486","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37473","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15649"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1870408","reference_id":"1870408","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1870408"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-31","reference_id":"mfsa2020-31","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-31"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2020-15649"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b2jd-cd1y-4qdy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/213152?format=json","vulnerability_id":"VCID-b4xp-8f8v-sba9","summary":"Mozilla Firefox before 25 allows modification of anonymous content of pluginProblem.xml binding","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-5594","reference_id":"","reference_type":"","scores":[{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38503","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38676","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38698","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38688","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-5594"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2013-5594"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b4xp-8f8v-sba9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/140229?format=json","vulnerability_id":"VCID-bawb-xauy-4kb4","summary":"When `UpdateRegExpStatics` attempted to access `initialStringHeap` it could already have been garbage collected prior to entering the function, which could potentially have led to an exploitable crash. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4577.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4577.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4577","reference_id":"","reference_type":"","scores":[{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.27716","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.27727","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.27702","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.275","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4577"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236075","reference_id":"2236075","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236075"},{"reference_url":"https://security.gentoo.org/glsa/202402-25","reference_id":"GLSA-202402-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-34","reference_id":"mfsa2023-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-34/","reference_id":"mfsa2023-34","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:02:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-34/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-36/","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:02:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-36/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-38/","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:02:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-38/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4945","reference_id":"RHSA-2023:4945","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4945"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4946","reference_id":"RHSA-2023:4946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4947","reference_id":"RHSA-2023:4947","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4947"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4948","reference_id":"RHSA-2023:4948","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4948"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4949","reference_id":"RHSA-2023:4949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4949"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4950","reference_id":"RHSA-2023:4950","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4951","reference_id":"RHSA-2023:4951","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4951"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4952","reference_id":"RHSA-2023:4952","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4952"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4954","reference_id":"RHSA-2023:4954","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4954"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4955","reference_id":"RHSA-2023:4955","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4955"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4956","reference_id":"RHSA-2023:4956","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4956"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4957","reference_id":"RHSA-2023:4957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4957"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4958","reference_id":"RHSA-2023:4958","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4959","reference_id":"RHSA-2023:4959","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4959"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5019","reference_id":"RHSA-2023:5019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5019"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1847397","reference_id":"show_bug.cgi?id=1847397","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:02:33Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1847397"},{"reference_url":"https://usn.ubuntu.com/6320-1/","reference_id":"USN-6320-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6320-1/"},{"reference_url":"https://usn.ubuntu.com/6405-1/","reference_id":"USN-6405-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6405-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42184?format=json","purl":"pkg:deb/debian/firefox-esr@115.2.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.2.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-4577"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bawb-xauy-4kb4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1088?format=json","vulnerability_id":"VCID-bvx4-p3zv-hfb5","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2804.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2804.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2804","reference_id":"","reference_type":"","scores":[{"value":"0.00941","scoring_system":"epss","scoring_elements":"0.76696","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00941","scoring_system":"epss","scoring_elements":"0.76765","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00941","scoring_system":"epss","scoring_elements":"0.76778","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00941","scoring_system":"epss","scoring_elements":"0.76773","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2804"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330260","reference_id":"1330260","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330260"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2804","reference_id":"CVE-2016-2804","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2804"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-39","reference_id":"mfsa2016-39","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-39"},{"reference_url":"https://usn.ubuntu.com/2936-1/","reference_id":"USN-2936-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2936-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2804"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bvx4-p3zv-hfb5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/140101?format=json","vulnerability_id":"VCID-c2yr-56yz-1ye2","summary":"Memory safety bugs present in Firefox 115, Firefox ESR 115.0, and Thunderbird 115.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 116, Firefox ESR < 115.1, and Thunderbird < 115.1.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4057.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4057.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4057","reference_id":"","reference_type":"","scores":[{"value":"0.0023","scoring_system":"epss","scoring_elements":"0.46067","published_at":"2026-06-14T12:55:00Z"},{"value":"0.0023","scoring_system":"epss","scoring_elements":"0.46081","published_at":"2026-06-13T12:55:00Z"},{"value":"0.0023","scoring_system":"epss","scoring_elements":"0.46074","published_at":"2026-06-12T12:55:00Z"},{"value":"0.0023","scoring_system":"epss","scoring_elements":"0.45929","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4057"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2228371","reference_id":"2228371","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2228371"},{"reference_url":"https://security.gentoo.org/glsa/202402-25","reference_id":"GLSA-202402-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-29","reference_id":"mfsa2023-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-29"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-29/","reference_id":"mfsa2023-29","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-22T14:20:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-29/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-31","reference_id":"mfsa2023-31","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-31"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-31/","reference_id":"mfsa2023-31","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-22T14:20:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-31/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-33","reference_id":"mfsa2023-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-33/","reference_id":"mfsa2023-33","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-22T14:20:29Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-33/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4460","reference_id":"RHSA-2023:4460","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4460"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4461","reference_id":"RHSA-2023:4461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4462","reference_id":"RHSA-2023:4462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4463","reference_id":"RHSA-2023:4463","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4464","reference_id":"RHSA-2023:4464","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4464"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4465","reference_id":"RHSA-2023:4465","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4465"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4468","reference_id":"RHSA-2023:4468","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4468"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4469","reference_id":"RHSA-2023:4469","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4469"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4492","reference_id":"RHSA-2023:4492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4493","reference_id":"RHSA-2023:4493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4494","reference_id":"RHSA-2023:4494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4495","reference_id":"RHSA-2023:4495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4496","reference_id":"RHSA-2023:4496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4497","reference_id":"RHSA-2023:4497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4499","reference_id":"RHSA-2023:4499","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4499"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4500","reference_id":"RHSA-2023:4500","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4500"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1841682","reference_id":"show_bug.cgi?id=1841682","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-22T14:20:29Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1841682"},{"reference_url":"https://usn.ubuntu.com/6267-1/","reference_id":"USN-6267-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6267-1/"},{"reference_url":"https://usn.ubuntu.com/6405-1/","reference_id":"USN-6405-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6405-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42183?format=json","purl":"pkg:deb/debian/firefox-esr@115.1.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.1.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-4057"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c2yr-56yz-1ye2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8519?format=json","vulnerability_id":"VCID-cadd-un3y-yfh8","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35112.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35112.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35112","reference_id":"","reference_type":"","scores":[{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.65357","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.65366","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.65368","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.65257","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35112"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1908028","reference_id":"1908028","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1908028"},{"reference_url":"https://security.archlinux.org/AVG-1364","reference_id":"AVG-1364","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1364"},{"reference_url":"https://security.archlinux.org/AVG-1366","reference_id":"AVG-1366","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1366"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-54","reference_id":"mfsa2020-54","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-54"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-55","reference_id":"mfsa2020-55","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-55"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-56","reference_id":"mfsa2020-56","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-56"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2020-35112"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cadd-un3y-yfh8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/212831?format=json","vulnerability_id":"VCID-crcu-7ms1-37hu","summary":"The \"Mark of the Web\" was not correctly saved on Windows when files with very long names were downloaded from the Internet. Without the Mark of the Web data, the security warning that Windows displays before running executables downloaded from the Internet is not shown. Note: This attack only affects Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7765","reference_id":"","reference_type":"","scores":[{"value":"0.00493","scoring_system":"epss","scoring_elements":"0.66224","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00493","scoring_system":"epss","scoring_elements":"0.66235","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00493","scoring_system":"epss","scoring_elements":"0.66238","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00493","scoring_system":"epss","scoring_elements":"0.66131","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7765"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15","reference_id":"mfsa2017-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16","reference_id":"mfsa2017-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17","reference_id":"mfsa2017-17","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2017-7765"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-crcu-7ms1-37hu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/183551?format=json","vulnerability_id":"VCID-cxpj-n2cg-s3cx","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5260.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5260.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5260","reference_id":"","reference_type":"","scores":[{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.70111","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.70201","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.70215","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.70213","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5260"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361985","reference_id":"1361985","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361985"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5260","reference_id":"CVE-2016-5260","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5260"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-74","reference_id":"mfsa2016-74","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-74"},{"reference_url":"https://usn.ubuntu.com/3044-1/","reference_id":"USN-3044-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3044-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-5260"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cxpj-n2cg-s3cx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/196992?format=json","vulnerability_id":"VCID-cyke-6j3r-v7b9","summary":"multiple issues","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5388","reference_id":"","reference_type":"","scores":[{"value":"0.0128","scoring_system":"epss","scoring_elements":"0.79994","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0128","scoring_system":"epss","scoring_elements":"0.80057","published_at":"2026-06-12T12:55:00Z"},{"value":"0.0128","scoring_system":"epss","scoring_elements":"0.80073","published_at":"2026-06-13T12:55:00Z"},{"value":"0.0128","scoring_system":"epss","scoring_elements":"0.80066","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5388"},{"reference_url":"https://security.archlinux.org/ASA-201701-39","reference_id":"ASA-201701-39","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-39"},{"reference_url":"https://security.archlinux.org/AVG-157","reference_id":"AVG-157","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-157"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01","reference_id":"mfsa2017-01","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01"},{"reference_url":"https://usn.ubuntu.com/3175-1/","reference_id":"USN-3175-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3175-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2017-5388"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cyke-6j3r-v7b9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1114?format=json","vulnerability_id":"VCID-dfrh-bc49-eyc5","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2832.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2832.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2832","reference_id":"","reference_type":"","scores":[{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68607","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68697","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.6871","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00556","scoring_system":"epss","scoring_elements":"0.68705","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2832"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1342899","reference_id":"1342899","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1342899"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2832","reference_id":"CVE-2016-2832","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2832"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-59","reference_id":"mfsa2016-59","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-59"},{"reference_url":"https://usn.ubuntu.com/2993-1/","reference_id":"USN-2993-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2993-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2832"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dfrh-bc49-eyc5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/140336?format=json","vulnerability_id":"VCID-dgw2-jdmf-aqbg","summary":"Memory safety bugs present in Firefox 116, Firefox ESR 115.1, and Thunderbird 115.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4585.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4585.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4585","reference_id":"","reference_type":"","scores":[{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42585","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42412","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42575","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42597","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4585"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236086","reference_id":"2236086","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236086"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1751583%2C1841082%2C1847904%2C1848999","reference_id":"buglist.cgi?bug_id=1751583%2C1841082%2C1847904%2C1848999","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T19:08:38Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1751583%2C1841082%2C1847904%2C1848999"},{"reference_url":"https://security.gentoo.org/glsa/202402-25","reference_id":"GLSA-202402-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-34","reference_id":"mfsa2023-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-34/","reference_id":"mfsa2023-34","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T19:08:38Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-34/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-36/","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T19:08:38Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-36/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-38/","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T19:08:38Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-38/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4945","reference_id":"RHSA-2023:4945","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4945"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4946","reference_id":"RHSA-2023:4946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4947","reference_id":"RHSA-2023:4947","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4947"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4948","reference_id":"RHSA-2023:4948","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4948"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4949","reference_id":"RHSA-2023:4949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4949"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4950","reference_id":"RHSA-2023:4950","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4951","reference_id":"RHSA-2023:4951","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4951"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4952","reference_id":"RHSA-2023:4952","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4952"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4954","reference_id":"RHSA-2023:4954","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4954"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4955","reference_id":"RHSA-2023:4955","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4955"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4956","reference_id":"RHSA-2023:4956","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4956"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4957","reference_id":"RHSA-2023:4957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4957"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4958","reference_id":"RHSA-2023:4958","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4959","reference_id":"RHSA-2023:4959","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4959"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5019","reference_id":"RHSA-2023:5019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5019"},{"reference_url":"https://usn.ubuntu.com/6320-1/","reference_id":"USN-6320-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6320-1/"},{"reference_url":"https://usn.ubuntu.com/6405-1/","reference_id":"USN-6405-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6405-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42184?format=json","purl":"pkg:deb/debian/firefox-esr@115.2.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.2.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-4585"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dgw2-jdmf-aqbg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/22256?format=json","vulnerability_id":"VCID-dtvp-4sje-77aq","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6600.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6600.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6600","reference_id":"","reference_type":"","scores":[{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.3571","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35726","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35706","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35526","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6600"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2296635","reference_id":"2296635","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2296635"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-29","reference_id":"mfsa2024-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-29"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-29/","reference_id":"mfsa2024-29","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-22T16:08:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-29/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-30","reference_id":"mfsa2024-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-30"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-30/","reference_id":"mfsa2024-30","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-22T16:08:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-30/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-31","reference_id":"mfsa2024-31","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-31"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-31/","reference_id":"mfsa2024-31","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-22T16:08:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-31/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-32","reference_id":"mfsa2024-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-32/","reference_id":"mfsa2024-32","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-22T16:08:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-32/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1888340","reference_id":"show_bug.cgi?id=1888340","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-22T16:08:57Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1888340"},{"reference_url":"https://usn.ubuntu.com/6903-1/","reference_id":"USN-6903-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6903-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2024-6600"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dtvp-4sje-77aq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1514?format=json","vulnerability_id":"VCID-eahm-z1n9-fqb2","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5266.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5266.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5266","reference_id":"","reference_type":"","scores":[{"value":"0.00428","scoring_system":"epss","scoring_elements":"0.62982","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00428","scoring_system":"epss","scoring_elements":"0.62872","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00428","scoring_system":"epss","scoring_elements":"0.62974","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00428","scoring_system":"epss","scoring_elements":"0.62986","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5266"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361995","reference_id":"1361995","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361995"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5266","reference_id":"CVE-2016-5266","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5266"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-81","reference_id":"mfsa2016-81","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-81"},{"reference_url":"https://usn.ubuntu.com/3044-1/","reference_id":"USN-3044-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3044-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-5266"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eahm-z1n9-fqb2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/212851?format=json","vulnerability_id":"VCID-efpd-eftr-xkgq","summary":"A buffer overflow occurs when drawing and validating elements using Direct 3D 9 with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash. Note: This attack only affects Windows operating systems. Other operating systems are unaffected. This vulnerability affects Thunderbird < 52.5.2, Firefox ESR < 52.5.2, and Firefox < 57.0.2.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7845","reference_id":"","reference_type":"","scores":[{"value":"0.00763","scoring_system":"epss","scoring_elements":"0.73858","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00763","scoring_system":"epss","scoring_elements":"0.73932","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00763","scoring_system":"epss","scoring_elements":"0.73947","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7845"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-28","reference_id":"mfsa2017-28","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-28"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-29","reference_id":"mfsa2017-29","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-29"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-30","reference_id":"mfsa2017-30","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-30"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2017-7845"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-efpd-eftr-xkgq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/122371?format=json","vulnerability_id":"VCID-euqv-uj9v-myd4","summary":"Insufficient escaping in the “Copy as cURL” feature could have been used to trick a user into executing unexpected code on Windows. This did not affect the application when running on other operating systems. This vulnerability was fixed in Firefox 144, Firefox ESR 140.4, Thunderbird 144, and Thunderbird 140.4.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11713.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11713.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11713","reference_id":"","reference_type":"","scores":[{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12832","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12918","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12938","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12927","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11713"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2403767","reference_id":"2403767","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2403767"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-81","reference_id":"mfsa2025-81","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-81"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-81/","reference_id":"mfsa2025-81","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-81/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-83","reference_id":"mfsa2025-83","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-83"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-83/","reference_id":"mfsa2025-83","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-83/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-84","reference_id":"mfsa2025-84","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-84"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-84/","reference_id":"mfsa2025-84","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-84/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-85","reference_id":"mfsa2025-85","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-85"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-85/","reference_id":"mfsa2025-85","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-85/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1986142","reference_id":"show_bug.cgi?id=1986142","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-21T03:55:18Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1986142"},{"reference_url":"https://usn.ubuntu.com/7991-1/","reference_id":"USN-7991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2025-11713"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-euqv-uj9v-myd4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1093?format=json","vulnerability_id":"VCID-ew9s-af72-vbgf","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2809.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2809.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2809","reference_id":"","reference_type":"","scores":[{"value":"0.00446","scoring_system":"epss","scoring_elements":"0.63904","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00446","scoring_system":"epss","scoring_elements":"0.64006","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00446","scoring_system":"epss","scoring_elements":"0.6402","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00446","scoring_system":"epss","scoring_elements":"0.64018","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2809"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:S/C:N/I:P/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330272","reference_id":"1330272","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2809","reference_id":"CVE-2016-2809","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2809"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-40","reference_id":"mfsa2016-40","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-40"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2809"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ew9s-af72-vbgf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/30166?format=json","vulnerability_id":"VCID-ex3t-fz3u-k3dw","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8949","reference_id":"","reference_type":"","scores":[{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19681","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19707","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19685","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19512","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8949"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-46/","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:05:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-48/","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:05:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-50/","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:05:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-50/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-51/","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:05:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-51/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1355639","reference_id":"show_bug.cgi?id=1355639","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-19T14:05:21Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1355639"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-8949"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ex3t-fz3u-k3dw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9391?format=json","vulnerability_id":"VCID-f797-j2z7-vygg","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29951.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29951.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29951","reference_id":"","reference_type":"","scores":[{"value":"0.00487","scoring_system":"epss","scoring_elements":"0.65982","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00487","scoring_system":"epss","scoring_elements":"0.65992","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00487","scoring_system":"epss","scoring_elements":"0.65886","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00487","scoring_system":"epss","scoring_elements":"0.65996","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29951"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1961505","reference_id":"1961505","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1961505"},{"reference_url":"https://security.archlinux.org/AVG-1914","reference_id":"AVG-1914","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1914"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-10","reference_id":"mfsa2021-10","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-10"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-18","reference_id":"mfsa2021-18","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-18"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-19","reference_id":"mfsa2021-19","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-19"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2021-29951"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f797-j2z7-vygg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/183556?format=json","vulnerability_id":"VCID-fakd-5xdv-6khm","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5279.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5279.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5279","reference_id":"","reference_type":"","scores":[{"value":"0.00375","scoring_system":"epss","scoring_elements":"0.59645","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00375","scoring_system":"epss","scoring_elements":"0.59535","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00375","scoring_system":"epss","scoring_elements":"0.59643","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00375","scoring_system":"epss","scoring_elements":"0.59655","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5279"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377673","reference_id":"1377673","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377673"},{"reference_url":"https://security.archlinux.org/ASA-201609-22","reference_id":"ASA-201609-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-22"},{"reference_url":"https://security.archlinux.org/AVG-24","reference_id":"AVG-24","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-24"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85","reference_id":"mfsa2016-85","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85"},{"reference_url":"https://usn.ubuntu.com/3076-1/","reference_id":"USN-3076-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3076-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-5279"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fakd-5xdv-6khm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1117?format=json","vulnerability_id":"VCID-fas9-7nxh-sqdm","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2835.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2835.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2835","reference_id":"","reference_type":"","scores":[{"value":"0.00583","scoring_system":"epss","scoring_elements":"0.69573","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00583","scoring_system":"epss","scoring_elements":"0.69472","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00583","scoring_system":"epss","scoring_elements":"0.69563","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00583","scoring_system":"epss","scoring_elements":"0.69575","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2835"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361975","reference_id":"1361975","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361975"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2835","reference_id":"CVE-2016-2835","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2835"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-62","reference_id":"mfsa2016-62","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-62"},{"reference_url":"https://usn.ubuntu.com/3044-1/","reference_id":"USN-3044-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3044-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2835"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fas9-7nxh-sqdm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1104?format=json","vulnerability_id":"VCID-fkuq-39pg-nyfu","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2820.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2820.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2820","reference_id":"","reference_type":"","scores":[{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62419","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.6252","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62532","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.62527","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2820"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330287","reference_id":"1330287","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330287"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2820","reference_id":"CVE-2016-2820","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2820"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-48","reference_id":"mfsa2016-48","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-48"},{"reference_url":"https://usn.ubuntu.com/2936-1/","reference_id":"USN-2936-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2936-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2820"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fkuq-39pg-nyfu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/173549?format=json","vulnerability_id":"VCID-fv38-hp3r-33c9","summary":"The constructed curl command from the \"Copy as curl\" feature in DevTools was not properly escaped for PowerShell. This could have lead to command injection if pasted into a Powershell prompt.<br>*This bug only affects Thunderbird for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22744.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22744.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22744","reference_id":"","reference_type":"","scores":[{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68731","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68631","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68723","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68737","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22744"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2039571","reference_id":"2039571","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2039571"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01","reference_id":"mfsa2022-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-01/","reference_id":"mfsa2022-01","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T15:10:40Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-02","reference_id":"mfsa2022-02","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-02"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-02/","reference_id":"mfsa2022-02","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T15:10:40Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-02/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-03","reference_id":"mfsa2022-03","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-03"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-03/","reference_id":"mfsa2022-03","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T15:10:40Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-03/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1737252","reference_id":"show_bug.cgi?id=1737252","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T15:10:40Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1737252"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2022-22744"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fv38-hp3r-33c9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/183549?format=json","vulnerability_id":"VCID-fvcc-gkw1-ffg4","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5253","reference_id":"","reference_type":"","scores":[{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18523","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18686","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18703","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.1868","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5253"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5253","reference_id":"CVE-2016-5253","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5253"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-69","reference_id":"mfsa2016-69","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-69"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-5253"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fvcc-gkw1-ffg4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/196996?format=json","vulnerability_id":"VCID-fw7b-ynyy-h3hf","summary":"multiple issues","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5382","reference_id":"","reference_type":"","scores":[{"value":"0.00957","scoring_system":"epss","scoring_elements":"0.76882","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00957","scoring_system":"epss","scoring_elements":"0.76952","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00957","scoring_system":"epss","scoring_elements":"0.76967","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00957","scoring_system":"epss","scoring_elements":"0.7696","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5382"},{"reference_url":"https://security.archlinux.org/ASA-201701-39","reference_id":"ASA-201701-39","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-39"},{"reference_url":"https://security.archlinux.org/AVG-157","reference_id":"AVG-157","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-157"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01","reference_id":"mfsa2017-01","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01"},{"reference_url":"https://usn.ubuntu.com/3175-1/","reference_id":"USN-3175-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3175-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2017-5382"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fw7b-ynyy-h3hf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/183559?format=json","vulnerability_id":"VCID-fzph-s5ph-9fgh","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5293","reference_id":"","reference_type":"","scores":[{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21929","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.22118","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.22129","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.22104","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5293"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89","reference_id":"mfsa2016-89","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-90","reference_id":"mfsa2016-90","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-90"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-5293"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fzph-s5ph-9fgh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/212804?format=json","vulnerability_id":"VCID-g29f-ym68-yyby","summary":"Mozilla Firefox through 1.5.0.3 has a vulnerability in processing the content-length header","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2668","reference_id":"","reference_type":"","scores":[{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.60932","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.61038","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.61047","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.61045","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2668"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2011-2668"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g29f-ym68-yyby"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/213283?format=json","vulnerability_id":"VCID-gvdh-dc21-fbcd","summary":"Mozilla community member Philipp reported a memory safety bug present in Firefox 68 when 360 Total Security was installed. This bug showed evidence of memory corruption in the accessibility engine and we presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox < 69, Thunderbird < 68.2, and Firefox ESR < 68.2.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11758.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11758.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11758","reference_id":"","reference_type":"","scores":[{"value":"0.00812","scoring_system":"epss","scoring_elements":"0.74689","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00812","scoring_system":"epss","scoring_elements":"0.74759","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00812","scoring_system":"epss","scoring_elements":"0.74772","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00812","scoring_system":"epss","scoring_elements":"0.74769","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11758"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1764439","reference_id":"1764439","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1764439"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-25","reference_id":"mfsa2019-25","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-33","reference_id":"mfsa2019-33","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-33"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-35","reference_id":"mfsa2019-35","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-35"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3193","reference_id":"RHSA-2019:3193","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3193"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3196","reference_id":"RHSA-2019:3196","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3196"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3210","reference_id":"RHSA-2019:3210","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3210"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3237","reference_id":"RHSA-2019:3237","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3237"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3281","reference_id":"RHSA-2019:3281","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3281"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3756","reference_id":"RHSA-2019:3756","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3756"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2019-11758"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gvdh-dc21-fbcd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/12303?format=json","vulnerability_id":"VCID-h6bb-zetn-7qha","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38477.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38477.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38477","reference_id":"","reference_type":"","scores":[{"value":"0.00199","scoring_system":"epss","scoring_elements":"0.42108","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00199","scoring_system":"epss","scoring_elements":"0.42117","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00199","scoring_system":"epss","scoring_elements":"0.42096","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00199","scoring_system":"epss","scoring_elements":"0.41933","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38477"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2120695","reference_id":"2120695","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2120695"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1760611%2C1770219%2C1771159%2C1773363","reference_id":"buglist.cgi?bug_id=1760611%2C1770219%2C1771159%2C1773363","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T17:21:30Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1760611%2C1770219%2C1771159%2C1773363"},{"reference_url":"https://security.gentoo.org/glsa/202208-37","reference_id":"GLSA-202208-37","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-37"},{"reference_url":"https://security.gentoo.org/glsa/202208-38","reference_id":"GLSA-202208-38","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-38"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-33","reference_id":"mfsa2022-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-33/","reference_id":"mfsa2022-33","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T17:21:30Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-33/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-34","reference_id":"mfsa2022-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-34/","reference_id":"mfsa2022-34","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T17:21:30Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-34/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-36","reference_id":"mfsa2022-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-36"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-36/","reference_id":"mfsa2022-36","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T17:21:30Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-36/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6164","reference_id":"RHSA-2022:6164","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6164"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6165","reference_id":"RHSA-2022:6165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6166","reference_id":"RHSA-2022:6166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6167","reference_id":"RHSA-2022:6167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6168","reference_id":"RHSA-2022:6168","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6168"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6169","reference_id":"RHSA-2022:6169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6174","reference_id":"RHSA-2022:6174","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6174"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6175","reference_id":"RHSA-2022:6175","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6175"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6176","reference_id":"RHSA-2022:6176","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6176"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6177","reference_id":"RHSA-2022:6177","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6177"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6178","reference_id":"RHSA-2022:6178","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6178"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6179","reference_id":"RHSA-2022:6179","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6179"},{"reference_url":"https://usn.ubuntu.com/5581-1/","reference_id":"USN-5581-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5581-1/"},{"reference_url":"https://usn.ubuntu.com/5663-1/","reference_id":"USN-5663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42157?format=json","purl":"pkg:deb/debian/firefox-esr@102.2.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@102.2.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2022-38477"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h6bb-zetn-7qha"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/23422?format=json","vulnerability_id":"VCID-hdwa-pyqr-yfg7","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-2817.json","reference_id":"","reference_type":"","scores":[{"value":"8.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-2817.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-2817","reference_id":"","reference_type":"","scores":[{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30136","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30154","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30137","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.29941","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-2817"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2362902","reference_id":"2362902","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2362902"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-28","reference_id":"mfsa2025-28","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-28"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-28/","reference_id":"mfsa2025-28","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-28/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-29","reference_id":"mfsa2025-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-29"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-29/","reference_id":"mfsa2025-29","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-29/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-30","reference_id":"mfsa2025-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-30"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-30/","reference_id":"mfsa2025-30","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-30/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-31","reference_id":"mfsa2025-31","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-31"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-31/","reference_id":"mfsa2025-31","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-31/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-32","reference_id":"mfsa2025-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-32/","reference_id":"mfsa2025-32","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:27Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-32/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4443","reference_id":"RHSA-2025:4443","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4443"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4458","reference_id":"RHSA-2025:4458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4460","reference_id":"RHSA-2025:4460","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4460"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4751","reference_id":"RHSA-2025:4751","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4751"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4752","reference_id":"RHSA-2025:4752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4752"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4753","reference_id":"RHSA-2025:4753","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4756","reference_id":"RHSA-2025:4756","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4756"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4797","reference_id":"RHSA-2025:4797","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4797"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7428","reference_id":"RHSA-2025:7428","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7428"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7506","reference_id":"RHSA-2025:7506","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7506"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7507","reference_id":"RHSA-2025:7507","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7507"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7543","reference_id":"RHSA-2025:7543","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7543"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7544","reference_id":"RHSA-2025:7544","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7544"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7545","reference_id":"RHSA-2025:7545","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7545"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7547","reference_id":"RHSA-2025:7547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7547"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7689","reference_id":"RHSA-2025:7689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7690","reference_id":"RHSA-2025:7690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7691","reference_id":"RHSA-2025:7691","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7691"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7692","reference_id":"RHSA-2025:7692","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7692"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7693","reference_id":"RHSA-2025:7693","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7693"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7694","reference_id":"RHSA-2025:7694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7695","reference_id":"RHSA-2025:7695","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7695"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1917536","reference_id":"show_bug.cgi?id=1917536","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:27Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1917536"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2025-2817"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hdwa-pyqr-yfg7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/129415?format=json","vulnerability_id":"VCID-hf1g-dar6-jya3","summary":"Members of the <code>DEVMODEW</code> struct set by the printer device driver weren't being validated and could have resulted in invalid values which in turn would cause the browser to attempt out of bounds access to related variables.<br>*This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25738.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25738.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25738","reference_id":"","reference_type":"","scores":[{"value":"0.00389","scoring_system":"epss","scoring_elements":"0.60531","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00389","scoring_system":"epss","scoring_elements":"0.60421","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00389","scoring_system":"epss","scoring_elements":"0.60528","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00389","scoring_system":"epss","scoring_elements":"0.60539","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25738"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170380","reference_id":"2170380","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170380"},{"reference_url":"https://security.gentoo.org/glsa/202305-35","reference_id":"GLSA-202305-35","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-35"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-05","reference_id":"mfsa2023-05","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-05/","reference_id":"mfsa2023-05","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T20:08:20Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-05/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-06","reference_id":"mfsa2023-06","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-06"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-06/","reference_id":"mfsa2023-06","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T20:08:20Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-06/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-07","reference_id":"mfsa2023-07","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-07"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-07/","reference_id":"mfsa2023-07","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T20:08:20Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-07/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1811852","reference_id":"show_bug.cgi?id=1811852","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T20:08:20Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1811852"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-25738"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hf1g-dar6-jya3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2034?format=json","vulnerability_id":"VCID-hmte-nu6a-bffg","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9070.json","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9070.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9070","reference_id":"","reference_type":"","scores":[{"value":"0.00688","scoring_system":"epss","scoring_elements":"0.72312","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00688","scoring_system":"epss","scoring_elements":"0.72319","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00688","scoring_system":"epss","scoring_elements":"0.72229","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00688","scoring_system":"epss","scoring_elements":"0.72325","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9070"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396549","reference_id":"1396549","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396549"},{"reference_url":"https://security.archlinux.org/ASA-201611-16","reference_id":"ASA-201611-16","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-16"},{"reference_url":"https://security.archlinux.org/AVG-72","reference_id":"AVG-72","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-72"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89","reference_id":"mfsa2016-89","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89"},{"reference_url":"https://usn.ubuntu.com/3124-1/","reference_id":"USN-3124-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3124-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-9070"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hmte-nu6a-bffg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/22672?format=json","vulnerability_id":"VCID-hqyw-9adf-t3cq","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1930.json","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1930.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1930","reference_id":"","reference_type":"","scores":[{"value":"0.00342","scoring_system":"epss","scoring_elements":"0.57375","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00342","scoring_system":"epss","scoring_elements":"0.57383","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00342","scoring_system":"epss","scoring_elements":"0.57369","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00342","scoring_system":"epss","scoring_elements":"0.5725","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-1930"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349787","reference_id":"2349787","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349787"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-14/","reference_id":"mfsa2025-14","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-05T16:42:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-15","reference_id":"mfsa2025-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-15/","reference_id":"mfsa2025-15","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-05T16:42:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-15/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-16"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-16/","reference_id":"mfsa2025-16","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-05T16:42:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-16/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-17"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-17/","reference_id":"mfsa2025-17","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-05T16:42:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-17/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-18"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-18/","reference_id":"mfsa2025-18","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-05T16:42:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-18/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2359","reference_id":"RHSA-2025:2359","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2359"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2452","reference_id":"RHSA-2025:2452","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2452"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2479","reference_id":"RHSA-2025:2479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2480","reference_id":"RHSA-2025:2480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2481","reference_id":"RHSA-2025:2481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2484","reference_id":"RHSA-2025:2484","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2485","reference_id":"RHSA-2025:2485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2486","reference_id":"RHSA-2025:2486","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2486"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2699","reference_id":"RHSA-2025:2699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2708","reference_id":"RHSA-2025:2708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2708"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1902309","reference_id":"show_bug.cgi?id=1902309","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-05T16:42:08Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1902309"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2025-1930"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hqyw-9adf-t3cq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2039?format=json","vulnerability_id":"VCID-hrda-g2rz-kbcu","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9076.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9076.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9076","reference_id":"","reference_type":"","scores":[{"value":"0.00528","scoring_system":"epss","scoring_elements":"0.67659","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00528","scoring_system":"epss","scoring_elements":"0.67669","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00528","scoring_system":"epss","scoring_elements":"0.67569","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00528","scoring_system":"epss","scoring_elements":"0.67672","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9076"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396537","reference_id":"1396537","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396537"},{"reference_url":"https://security.archlinux.org/ASA-201611-16","reference_id":"ASA-201611-16","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-16"},{"reference_url":"https://security.archlinux.org/AVG-72","reference_id":"AVG-72","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-72"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89","reference_id":"mfsa2016-89","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89"},{"reference_url":"https://usn.ubuntu.com/3124-1/","reference_id":"USN-3124-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3124-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-9076"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hrda-g2rz-kbcu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/196997?format=json","vulnerability_id":"VCID-hwrp-yjtx-23d4","summary":"multiple issues","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5381","reference_id":"","reference_type":"","scores":[{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79852","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79916","published_at":"2026-06-12T12:55:00Z"},{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79934","published_at":"2026-06-13T12:55:00Z"},{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79926","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5381"},{"reference_url":"https://security.archlinux.org/ASA-201701-39","reference_id":"ASA-201701-39","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-39"},{"reference_url":"https://security.archlinux.org/AVG-157","reference_id":"AVG-157","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-157"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01","reference_id":"mfsa2017-01","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01"},{"reference_url":"https://usn.ubuntu.com/3175-1/","reference_id":"USN-3175-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3175-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2017-5381"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hwrp-yjtx-23d4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/173644?format=json","vulnerability_id":"VCID-j1xm-2sbn-sudh","summary":"A race condition could have allowed bypassing the fullscreen notification which could have lead to a fullscreen window spoof being unnoticed.<br>*This bug only affects Firefox for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22746.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22746.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22746","reference_id":"","reference_type":"","scores":[{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33312","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33136","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33318","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33337","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22746"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2039560","reference_id":"2039560","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2039560"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01","reference_id":"mfsa2022-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-01/","reference_id":"mfsa2022-01","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:59:19Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-02","reference_id":"mfsa2022-02","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-02"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-02/","reference_id":"mfsa2022-02","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:59:19Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-02/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-03","reference_id":"mfsa2022-03","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-03"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-03/","reference_id":"mfsa2022-03","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:59:19Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-03/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1735071","reference_id":"show_bug.cgi?id=1735071","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:59:19Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1735071"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2022-22746"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j1xm-2sbn-sudh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/139975?format=json","vulnerability_id":"VCID-jcek-pgfg-g3b2","summary":"The Firefox updater created a directory writable by non-privileged users. When uninstalling Firefox, any files in that directory would be recursively deleted with the permissions of the uninstalling user account. This could be combined with creation of a junction (a form of symbolic link) to allow arbitrary file deletion controlled by the non-privileged user. \n*This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 116, Firefox ESR < 115.1, and Thunderbird < 115.1.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4052.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4052.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4052","reference_id":"","reference_type":"","scores":[{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.41017","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.4103","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.41008","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.40841","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4052"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2228369","reference_id":"2228369","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2228369"},{"reference_url":"https://security.gentoo.org/glsa/202402-25","reference_id":"GLSA-202402-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-29","reference_id":"mfsa2023-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-29"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-29/","reference_id":"mfsa2023-29","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:38:55Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-29/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-31","reference_id":"mfsa2023-31","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-31"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-31/","reference_id":"mfsa2023-31","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:38:55Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-31/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-33","reference_id":"mfsa2023-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-33/","reference_id":"mfsa2023-33","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:38:55Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-33/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1824420","reference_id":"show_bug.cgi?id=1824420","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:38:55Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1824420"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-4052"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jcek-pgfg-g3b2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1111?format=json","vulnerability_id":"VCID-jh3p-5484-x7f6","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2829.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2829.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2829","reference_id":"","reference_type":"","scores":[{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65637","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65735","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65746","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65742","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2829"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1342896","reference_id":"1342896","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1342896"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2829","reference_id":"CVE-2016-2829","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2829"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-57","reference_id":"mfsa2016-57","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-57"},{"reference_url":"https://usn.ubuntu.com/2993-1/","reference_id":"USN-2993-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2993-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2829"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jh3p-5484-x7f6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/212825?format=json","vulnerability_id":"VCID-js3c-u28q-5fe9","summary":"The Firefox installer on Windows can be made to load malicious DLL files stored in the same directory as the installer when it is run. This allows privileged execution if the installer is run with elevated privileges. Note: This attack only affects Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7755","reference_id":"","reference_type":"","scores":[{"value":"0.00765","scoring_system":"epss","scoring_elements":"0.73886","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00765","scoring_system":"epss","scoring_elements":"0.7396","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00765","scoring_system":"epss","scoring_elements":"0.73975","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7755"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15","reference_id":"mfsa2017-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16","reference_id":"mfsa2017-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17","reference_id":"mfsa2017-17","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2017-7755"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-js3c-u28q-5fe9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/212830?format=json","vulnerability_id":"VCID-juvv-bxfh-hygj","summary":"Default fonts on OS X display some Tibetan characters as whitespace. When used in the addressbar as part of an IDN this can be used for domain name spoofing attacks. Note: This attack only affects OS X operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7763","reference_id":"","reference_type":"","scores":[{"value":"0.00509","scoring_system":"epss","scoring_elements":"0.66896","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00509","scoring_system":"epss","scoring_elements":"0.66911","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00509","scoring_system":"epss","scoring_elements":"0.6691","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00509","scoring_system":"epss","scoring_elements":"0.66803","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7763"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15","reference_id":"mfsa2017-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16","reference_id":"mfsa2017-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17","reference_id":"mfsa2017-17","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-17"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2017-7763"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-juvv-bxfh-hygj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1108?format=json","vulnerability_id":"VCID-jxb4-15n9-ffar","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2825.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2825.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2825","reference_id":"","reference_type":"","scores":[{"value":"0.00682","scoring_system":"epss","scoring_elements":"0.7211","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00682","scoring_system":"epss","scoring_elements":"0.72194","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00682","scoring_system":"epss","scoring_elements":"0.72206","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00682","scoring_system":"epss","scoring_elements":"0.72201","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2825"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1342894","reference_id":"1342894","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1342894"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2825","reference_id":"CVE-2016-2825","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2825"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-54","reference_id":"mfsa2016-54","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-54"},{"reference_url":"https://usn.ubuntu.com/2993-1/","reference_id":"USN-2993-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2993-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2825"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jxb4-15n9-ffar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2038?format=json","vulnerability_id":"VCID-jz3y-h3au-f7ba","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9075.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9075.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9075","reference_id":"","reference_type":"","scores":[{"value":"0.02551","scoring_system":"epss","scoring_elements":"0.85862","published_at":"2026-06-12T12:55:00Z"},{"value":"0.02551","scoring_system":"epss","scoring_elements":"0.85866","published_at":"2026-06-14T12:55:00Z"},{"value":"0.02551","scoring_system":"epss","scoring_elements":"0.85813","published_at":"2026-06-11T12:55:00Z"},{"value":"0.02551","scoring_system":"epss","scoring_elements":"0.85873","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9075"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:S/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1395101","reference_id":"1395101","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1395101"},{"reference_url":"https://security.archlinux.org/ASA-201611-16","reference_id":"ASA-201611-16","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-16"},{"reference_url":"https://security.archlinux.org/AVG-72","reference_id":"AVG-72","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-72"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89","reference_id":"mfsa2016-89","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89"},{"reference_url":"https://usn.ubuntu.com/3124-1/","reference_id":"USN-3124-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3124-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-9075"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jz3y-h3au-f7ba"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/18073?format=json","vulnerability_id":"VCID-kcvg-277x-pugb","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11693.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11693.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11693","reference_id":"","reference_type":"","scores":[{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60802","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.6081","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60695","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60801","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11693"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328949","reference_id":"2328949","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328949"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-63/","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:32:54Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-63/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-64","reference_id":"mfsa2024-64","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-64"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-64/","reference_id":"mfsa2024-64","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:32:54Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-64/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-67/","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:32:54Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-67/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-68","reference_id":"mfsa2024-68","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-68"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-68/","reference_id":"mfsa2024-68","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:32:54Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-68/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1921458","reference_id":"show_bug.cgi?id=1921458","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:32:54Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1921458"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2024-11693"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kcvg-277x-pugb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/140146?format=json","vulnerability_id":"VCID-kfbc-sdkf-jfgx","summary":"When calling `JS::CheckRegExpSyntax` a Syntax Error could have been set which would end in calling `convertToRuntimeErrorAndClear`. A path in the function could attempt to allocate memory when none is available which would have caused a newly created Out of Memory exception to be mishandled as a Syntax Error. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4578.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4578.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4578","reference_id":"","reference_type":"","scores":[{"value":"0.0011","scoring_system":"epss","scoring_elements":"0.29091","published_at":"2026-06-14T12:55:00Z"},{"value":"0.0011","scoring_system":"epss","scoring_elements":"0.29104","published_at":"2026-06-13T12:55:00Z"},{"value":"0.0011","scoring_system":"epss","scoring_elements":"0.29085","published_at":"2026-06-12T12:55:00Z"},{"value":"0.0011","scoring_system":"epss","scoring_elements":"0.28883","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4578"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236077","reference_id":"2236077","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236077"},{"reference_url":"https://security.gentoo.org/glsa/202402-25","reference_id":"GLSA-202402-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-34","reference_id":"mfsa2023-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-34/","reference_id":"mfsa2023-34","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:02:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-34/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-36/","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:02:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-36/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-38/","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:02:09Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-38/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4945","reference_id":"RHSA-2023:4945","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4945"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4946","reference_id":"RHSA-2023:4946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4947","reference_id":"RHSA-2023:4947","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4947"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4948","reference_id":"RHSA-2023:4948","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4948"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4949","reference_id":"RHSA-2023:4949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4949"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4950","reference_id":"RHSA-2023:4950","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4951","reference_id":"RHSA-2023:4951","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4951"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4952","reference_id":"RHSA-2023:4952","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4952"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4954","reference_id":"RHSA-2023:4954","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4954"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4955","reference_id":"RHSA-2023:4955","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4955"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4956","reference_id":"RHSA-2023:4956","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4956"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4957","reference_id":"RHSA-2023:4957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4957"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4958","reference_id":"RHSA-2023:4958","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4959","reference_id":"RHSA-2023:4959","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4959"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5019","reference_id":"RHSA-2023:5019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5019"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1839007","reference_id":"show_bug.cgi?id=1839007","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:02:09Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1839007"},{"reference_url":"https://usn.ubuntu.com/6320-1/","reference_id":"USN-6320-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6320-1/"},{"reference_url":"https://usn.ubuntu.com/6405-1/","reference_id":"USN-6405-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6405-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42184?format=json","purl":"pkg:deb/debian/firefox-esr@115.2.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.2.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-4578"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kfbc-sdkf-jfgx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/183560?format=json","vulnerability_id":"VCID-kkz5-sjbf-7fcf","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5294","reference_id":"","reference_type":"","scores":[{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.22129","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.22104","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21929","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.22118","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5294"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89","reference_id":"mfsa2016-89","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-90","reference_id":"mfsa2016-90","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-90"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-93","reference_id":"mfsa2016-93","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-93"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-5294"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kkz5-sjbf-7fcf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6298?format=json","vulnerability_id":"VCID-ksh4-qrvt-pbcz","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13722.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13722.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13722","reference_id":"","reference_type":"","scores":[{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.5836","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.58248","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.58364","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.58376","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13722"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1779432","reference_id":"1779432","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1779432"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-36","reference_id":"mfsa2019-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-36"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-37","reference_id":"mfsa2019-37","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-37"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-38","reference_id":"mfsa2019-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-38"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2019-13722"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ksh4-qrvt-pbcz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/212834?format=json","vulnerability_id":"VCID-kygy-bdda-cucb","summary":"The Mozilla Maintenance Service can be invoked by an unprivileged user to overwrite arbitrary files with junk data using the Mozilla Windows Updater, which runs with the Maintenance Service's privileged access. Note: This attack requires local system access and only affects Windows. Other operating systems are not affected. This vulnerability affects Firefox ESR < 52.2 and Firefox < 54.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7767","reference_id":"","reference_type":"","scores":[{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33502","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33682","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33704","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33679","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7767"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15","reference_id":"mfsa2017-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16","reference_id":"mfsa2017-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2017-7767"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kygy-bdda-cucb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/196989?format=json","vulnerability_id":"VCID-m2tg-m821-7ka7","summary":"multiple issues","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5393","reference_id":"","reference_type":"","scores":[{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.6486","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.6496","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64973","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00466","scoring_system":"epss","scoring_elements":"0.64968","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5393"},{"reference_url":"https://security.archlinux.org/ASA-201701-39","reference_id":"ASA-201701-39","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-39"},{"reference_url":"https://security.archlinux.org/AVG-157","reference_id":"AVG-157","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-157"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01","reference_id":"mfsa2017-01","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01"},{"reference_url":"https://usn.ubuntu.com/3175-1/","reference_id":"USN-3175-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3175-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2017-5393"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m2tg-m821-7ka7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6121?format=json","vulnerability_id":"VCID-m44c-6w2a-qfgs","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11736.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11736.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11736","reference_id":"","reference_type":"","scores":[{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18158","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.1815","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18175","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11736"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1748662","reference_id":"1748662","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1748662"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-25","reference_id":"mfsa2019-25","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-26","reference_id":"mfsa2019-26","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-26"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2019-11736"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m44c-6w2a-qfgs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/196993?format=json","vulnerability_id":"VCID-m7bj-3gpe-ryhb","summary":"multiple issues","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5387","reference_id":"","reference_type":"","scores":[{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31469","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.3166","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31678","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31661","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5387"},{"reference_url":"https://security.archlinux.org/ASA-201701-39","reference_id":"ASA-201701-39","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-39"},{"reference_url":"https://security.archlinux.org/AVG-157","reference_id":"AVG-157","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-157"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01","reference_id":"mfsa2017-01","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01"},{"reference_url":"https://usn.ubuntu.com/3175-1/","reference_id":"USN-3175-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3175-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2017-5387"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m7bj-3gpe-ryhb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/126150?format=json","vulnerability_id":"VCID-mezt-n3md-k3bt","summary":"Following the recent Chrome sandbox escape (CVE-2025-2783), various Firefox developers identified a similar pattern in our IPC code. A compromised child process could cause the parent process to return an unintentionally powerful handle, leading to a sandbox escape. \nThe original vulnerability was being exploited in the wild. \n*This only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability was fixed in Firefox 136.0.4, Firefox ESR 128.8.1, and Firefox ESR 115.21.1.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-2857.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-2857.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-2857","reference_id":"","reference_type":"","scores":[{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42364","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42538","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42549","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42527","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-2857"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2355327","reference_id":"2355327","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2355327"},{"reference_url":"https://issues.chromium.org/issues/405143032","reference_id":"405143032","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-28T15:23:40Z/"}],"url":"https://issues.chromium.org/issues/405143032"},{"reference_url":"https://www.cve.org/CVERecord?id=CVE-2025-2783","reference_id":"CVERecord?id=CVE-2025-2783","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-28T15:23:40Z/"}],"url":"https://www.cve.org/CVERecord?id=CVE-2025-2783"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-19","reference_id":"mfsa2025-19","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-19"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-19/","reference_id":"mfsa2025-19","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-28T15:23:40Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-19/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1956398","reference_id":"show_bug.cgi?id=1956398","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-28T15:23:40Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1956398"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2025-2857"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mezt-n3md-k3bt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/212816?format=json","vulnerability_id":"VCID-mjuu-r5ph-f7hg","summary":"When a new Firefox profile is created on 64-bit Windows installations, the sandbox for 64-bit NPAPI plugins is not enabled by default. Note: This issue only affects 64-bit Windows. 32-bit Windows and other operating systems are unaffected. This vulnerability affects Firefox < 50.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9072","reference_id":"","reference_type":"","scores":[{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.59179","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.59291","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.59304","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.59295","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9072"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89","reference_id":"mfsa2016-89","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-9072"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mjuu-r5ph-f7hg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2036?format=json","vulnerability_id":"VCID-mpc6-cgfn-m3dj","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9073.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9073.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9073","reference_id":"","reference_type":"","scores":[{"value":"0.00807","scoring_system":"epss","scoring_elements":"0.74677","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00807","scoring_system":"epss","scoring_elements":"0.74689","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00807","scoring_system":"epss","scoring_elements":"0.74606","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00807","scoring_system":"epss","scoring_elements":"0.74691","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9073"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396545","reference_id":"1396545","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396545"},{"reference_url":"https://security.archlinux.org/ASA-201611-16","reference_id":"ASA-201611-16","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-16"},{"reference_url":"https://security.archlinux.org/AVG-72","reference_id":"AVG-72","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-72"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89","reference_id":"mfsa2016-89","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89"},{"reference_url":"https://usn.ubuntu.com/3124-1/","reference_id":"USN-3124-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3124-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-9073"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mpc6-cgfn-m3dj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/183550?format=json","vulnerability_id":"VCID-mpp4-8d5x-bqd1","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5256.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5256.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5256","reference_id":"","reference_type":"","scores":[{"value":"0.0171","scoring_system":"epss","scoring_elements":"0.82808","published_at":"2026-06-14T12:55:00Z"},{"value":"0.0171","scoring_system":"epss","scoring_elements":"0.82743","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0171","scoring_system":"epss","scoring_elements":"0.82805","published_at":"2026-06-12T12:55:00Z"},{"value":"0.0171","scoring_system":"epss","scoring_elements":"0.82812","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5256"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377666","reference_id":"1377666","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377666"},{"reference_url":"https://security.archlinux.org/ASA-201609-22","reference_id":"ASA-201609-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-22"},{"reference_url":"https://security.archlinux.org/AVG-24","reference_id":"AVG-24","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-24"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85","reference_id":"mfsa2016-85","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85"},{"reference_url":"https://usn.ubuntu.com/3076-1/","reference_id":"USN-3076-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3076-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-5256"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mpp4-8d5x-bqd1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/183557?format=json","vulnerability_id":"VCID-mrsd-y1rc-8ue4","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5282.json","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5282.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5282","reference_id":"","reference_type":"","scores":[{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60808","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60701","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60807","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00393","scoring_system":"epss","scoring_elements":"0.60817","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5282"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377675","reference_id":"1377675","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377675"},{"reference_url":"https://security.archlinux.org/ASA-201609-22","reference_id":"ASA-201609-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-22"},{"reference_url":"https://security.archlinux.org/AVG-24","reference_id":"AVG-24","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-24"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85","reference_id":"mfsa2016-85","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85"},{"reference_url":"https://usn.ubuntu.com/3076-1/","reference_id":"USN-3076-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3076-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-5282"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mrsd-y1rc-8ue4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1099?format=json","vulnerability_id":"VCID-n789-s7yc-cued","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2815.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2815.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2815","reference_id":"","reference_type":"","scores":[{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49793","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49929","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49948","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49934","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2815"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1342890","reference_id":"1342890","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1342890"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2815","reference_id":"CVE-2016-2815","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2815"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-49","reference_id":"mfsa2016-49","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-49"},{"reference_url":"https://usn.ubuntu.com/2993-1/","reference_id":"USN-2993-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2993-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2815"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n789-s7yc-cued"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/140541?format=json","vulnerability_id":"VCID-nhn5-tjfq-buf9","summary":"Similar to CVE-2023-28163, this time when choosing 'Save Link As', suggested filenames containing environment variable names would have resolved those in the context of the current user. \n\n*This bug only affects Firefox and Thunderbird on Windows. Other versions of Firefox and Thunderbird are unaffected.* This vulnerability affects Firefox < 112, Firefox ESR < 102.10, and Thunderbird < 102.10.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29545.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29545.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-29545","reference_id":"","reference_type":"","scores":[{"value":"0.00367","scoring_system":"epss","scoring_elements":"0.59161","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00367","scoring_system":"epss","scoring_elements":"0.59046","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00367","scoring_system":"epss","scoring_elements":"0.59159","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00367","scoring_system":"epss","scoring_elements":"0.5917","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-29545"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2186108","reference_id":"2186108","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2186108"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-13","reference_id":"mfsa2023-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-13/","reference_id":"mfsa2023-13","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T15:48:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-14","reference_id":"mfsa2023-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-14/","reference_id":"mfsa2023-14","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T15:48:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-15","reference_id":"mfsa2023-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-15/","reference_id":"mfsa2023-15","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T15:48:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-15/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1823077","reference_id":"show_bug.cgi?id=1823077","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T15:48:18Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1823077"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-29545"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nhn5-tjfq-buf9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/25259?format=json","vulnerability_id":"VCID-nkbh-m94m-y3ax","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4082.json","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4082.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4082","reference_id":"","reference_type":"","scores":[{"value":"0.00178","scoring_system":"epss","scoring_elements":"0.39374","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00178","scoring_system":"epss","scoring_elements":"0.39385","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00178","scoring_system":"epss","scoring_elements":"0.39361","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00178","scoring_system":"epss","scoring_elements":"0.3919","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4082"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2362903","reference_id":"2362903","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2362903"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-28","reference_id":"mfsa2025-28","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-28"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-28/","reference_id":"mfsa2025-28","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:28Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-28/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-29","reference_id":"mfsa2025-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-29"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-29/","reference_id":"mfsa2025-29","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:28Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-29/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-30","reference_id":"mfsa2025-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-30"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-30/","reference_id":"mfsa2025-30","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:28Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-30/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-31","reference_id":"mfsa2025-31","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-31"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-31/","reference_id":"mfsa2025-31","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:28Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-31/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-32","reference_id":"mfsa2025-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-32/","reference_id":"mfsa2025-32","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:28Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-32/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1937097","reference_id":"show_bug.cgi?id=1937097","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:28Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1937097"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2025-4082"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nkbh-m94m-y3ax"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/183552?format=json","vulnerability_id":"VCID-nnfc-5tfm-vqca","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5267","reference_id":"","reference_type":"","scores":[{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.59181","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.59293","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.59305","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.59297","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5267"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5267","reference_id":"CVE-2016-5267","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5267"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-82","reference_id":"mfsa2016-82","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-82"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-5267"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nnfc-5tfm-vqca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1107?format=json","vulnerability_id":"VCID-nqdz-ct3u-5fcv","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2824","reference_id":"","reference_type":"","scores":[{"value":"0.00924","scoring_system":"epss","scoring_elements":"0.76463","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00924","scoring_system":"epss","scoring_elements":"0.76533","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00924","scoring_system":"epss","scoring_elements":"0.76547","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00924","scoring_system":"epss","scoring_elements":"0.76542","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2824"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2824","reference_id":"CVE-2016-2824","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2824"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-53","reference_id":"mfsa2016-53","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-53"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2824"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nqdz-ct3u-5fcv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/140005?format=json","vulnerability_id":"VCID-nqhf-g3y1-6kag","summary":"When checking if the Browsing Context had been discarded in `HttpBaseChannel`, if the load group was not available then it was assumed to have already been discarded which was not always the case for private channels after the private session had ended. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4583.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4583.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4583","reference_id":"","reference_type":"","scores":[{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34927","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34748","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34926","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34949","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4583"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236082","reference_id":"2236082","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236082"},{"reference_url":"https://security.gentoo.org/glsa/202402-25","reference_id":"GLSA-202402-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-34","reference_id":"mfsa2023-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-34/","reference_id":"mfsa2023-34","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-19T19:09:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-34/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-36/","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-19T19:09:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-36/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-38/","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-19T19:09:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-38/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4945","reference_id":"RHSA-2023:4945","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4945"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4946","reference_id":"RHSA-2023:4946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4947","reference_id":"RHSA-2023:4947","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4947"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4948","reference_id":"RHSA-2023:4948","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4948"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4949","reference_id":"RHSA-2023:4949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4949"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4950","reference_id":"RHSA-2023:4950","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4951","reference_id":"RHSA-2023:4951","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4951"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4952","reference_id":"RHSA-2023:4952","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4952"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4954","reference_id":"RHSA-2023:4954","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4954"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4955","reference_id":"RHSA-2023:4955","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4955"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4956","reference_id":"RHSA-2023:4956","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4956"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4957","reference_id":"RHSA-2023:4957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4957"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4958","reference_id":"RHSA-2023:4958","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4959","reference_id":"RHSA-2023:4959","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4959"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5019","reference_id":"RHSA-2023:5019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5019"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1842030","reference_id":"show_bug.cgi?id=1842030","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-19T19:09:13Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1842030"},{"reference_url":"https://usn.ubuntu.com/6320-1/","reference_id":"USN-6320-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6320-1/"},{"reference_url":"https://usn.ubuntu.com/6405-1/","reference_id":"USN-6405-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6405-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42184?format=json","purl":"pkg:deb/debian/firefox-esr@115.2.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.2.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-4583"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nqhf-g3y1-6kag"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/212881?format=json","vulnerability_id":"VCID-nqv5-huzk-ebgu","summary":"Unsanitized output in the browser UI leaves HTML tags in place and can result in arbitrary code execution in Firefox before version 58.0.1.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5124.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5124.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5124","reference_id":"","reference_type":"","scores":[{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68645","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68737","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68751","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68747","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5124"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1540431","reference_id":"1540431","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1540431"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5124","reference_id":"CVE-2018-5124","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5124"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2018-05","reference_id":"mfsa2018-05","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2018-05"},{"reference_url":"https://usn.ubuntu.com/3552-1/","reference_id":"USN-3552-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3552-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2018-5124"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nqv5-huzk-ebgu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8330?format=json","vulnerability_id":"VCID-nqwq-ym6b-4kcd","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26966.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26966.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26966","reference_id":"","reference_type":"","scores":[{"value":"0.00354","scoring_system":"epss","scoring_elements":"0.58236","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00354","scoring_system":"epss","scoring_elements":"0.58122","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00354","scoring_system":"epss","scoring_elements":"0.58242","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00354","scoring_system":"epss","scoring_elements":"0.58252","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-26966"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1898740","reference_id":"1898740","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1898740"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50","reference_id":"mfsa2020-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-50"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-51","reference_id":"mfsa2020-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-51"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-52","reference_id":"mfsa2020-52","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-52"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2020-26966"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nqwq-ym6b-4kcd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/140703?format=json","vulnerability_id":"VCID-nr9j-x54b-rfey","summary":"An attacker could have caused an out of bounds memory access using WebGL APIs, leading to memory corruption and a potentially exploitable crash.\n\n*This bug only affects Firefox and Thunderbird for macOS. Other operating systems are unaffected.* This vulnerability affects Firefox < 112, Firefox ESR < 102.10, and Thunderbird < 102.10.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29531.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29531.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-29531","reference_id":"","reference_type":"","scores":[{"value":"0.00569","scoring_system":"epss","scoring_elements":"0.69149","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00569","scoring_system":"epss","scoring_elements":"0.6905","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00569","scoring_system":"epss","scoring_elements":"0.69142","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00569","scoring_system":"epss","scoring_elements":"0.69154","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-29531"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2186099","reference_id":"2186099","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2186099"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-13","reference_id":"mfsa2023-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-13/","reference_id":"mfsa2023-13","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-11T15:34:50Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-14","reference_id":"mfsa2023-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-14/","reference_id":"mfsa2023-14","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-11T15:34:50Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-15","reference_id":"mfsa2023-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-15/","reference_id":"mfsa2023-15","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-11T15:34:50Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-15/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1794292","reference_id":"show_bug.cgi?id=1794292","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-11T15:34:50Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1794292"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-29531"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nr9j-x54b-rfey"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1515?format=json","vulnerability_id":"VCID-p277-k4nu-wqbt","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5268.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5268.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5268","reference_id":"","reference_type":"","scores":[{"value":"0.00443","scoring_system":"epss","scoring_elements":"0.63878","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00443","scoring_system":"epss","scoring_elements":"0.63764","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00443","scoring_system":"epss","scoring_elements":"0.63867","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00443","scoring_system":"epss","scoring_elements":"0.6388","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5268"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361996","reference_id":"1361996","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361996"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5268","reference_id":"CVE-2016-5268","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5268"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-83","reference_id":"mfsa2016-83","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-83"},{"reference_url":"https://usn.ubuntu.com/3044-1/","reference_id":"USN-3044-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3044-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-5268"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p277-k4nu-wqbt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/18071?format=json","vulnerability_id":"VCID-p8c1-r8d6-7kfs","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11691.json","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11691.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11691","reference_id":"","reference_type":"","scores":[{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44648","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44803","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44815","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44799","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11691"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328940","reference_id":"2328940","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2328940"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-63"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-63/","reference_id":"mfsa2024-63","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-30T04:55:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-63/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-64","reference_id":"mfsa2024-64","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-64"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-64/","reference_id":"mfsa2024-64","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-30T04:55:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-64/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-65","reference_id":"mfsa2024-65","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-65"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-65/","reference_id":"mfsa2024-65","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-30T04:55:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-65/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-67"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-67/","reference_id":"mfsa2024-67","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-30T04:55:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-67/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-68","reference_id":"mfsa2024-68","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-68"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-68/","reference_id":"mfsa2024-68","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-30T04:55:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-68/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-70","reference_id":"mfsa2024-70","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2024-70"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2024-70/","reference_id":"mfsa2024-70","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-30T04:55:57Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2024-70/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1914707","reference_id":"show_bug.cgi?id=1914707","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-30T04:55:57Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1914707"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1924184","reference_id":"show_bug.cgi?id=1924184","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-30T04:55:57Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1924184"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2024-11691"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p8c1-r8d6-7kfs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1115?format=json","vulnerability_id":"VCID-ps8e-3667-kfap","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2833.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2833.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2833","reference_id":"","reference_type":"","scores":[{"value":"0.00341","scoring_system":"epss","scoring_elements":"0.57149","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00341","scoring_system":"epss","scoring_elements":"0.57268","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00341","scoring_system":"epss","scoring_elements":"0.57282","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00341","scoring_system":"epss","scoring_elements":"0.57275","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2833"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1342900","reference_id":"1342900","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1342900"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2833","reference_id":"CVE-2016-2833","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2833"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-60","reference_id":"mfsa2016-60","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-60"},{"reference_url":"https://usn.ubuntu.com/2993-1/","reference_id":"USN-2993-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2993-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2833"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ps8e-3667-kfap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2029?format=json","vulnerability_id":"VCID-psnj-1w5y-wuhw","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9063.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9063.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9063","reference_id":"","reference_type":"","scores":[{"value":"0.0271","scoring_system":"epss","scoring_elements":"0.8629","published_at":"2026-06-14T12:55:00Z"},{"value":"0.0271","scoring_system":"epss","scoring_elements":"0.86232","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0271","scoring_system":"epss","scoring_elements":"0.86282","published_at":"2026-06-12T12:55:00Z"},{"value":"0.0271","scoring_system":"epss","scoring_elements":"0.86293","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9063"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9063","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9063"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396540","reference_id":"1396540","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396540"},{"reference_url":"https://security.archlinux.org/ASA-201611-16","reference_id":"ASA-201611-16","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-16"},{"reference_url":"https://security.archlinux.org/ASA-201706-32","reference_id":"ASA-201706-32","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-32"},{"reference_url":"https://security.archlinux.org/ASA-201707-27","reference_id":"ASA-201707-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201707-27"},{"reference_url":"https://security.archlinux.org/AVG-305","reference_id":"AVG-305","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-305"},{"reference_url":"https://security.archlinux.org/AVG-306","reference_id":"AVG-306","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-306"},{"reference_url":"https://security.archlinux.org/AVG-72","reference_id":"AVG-72","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-72"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89","reference_id":"mfsa2016-89","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89"},{"reference_url":"https://usn.ubuntu.com/3124-1/","reference_id":"USN-3124-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3124-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-9063"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-psnj-1w5y-wuhw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/129503?format=json","vulnerability_id":"VCID-pwn9-e1hx-aybg","summary":"A lack of in app notification for entering fullscreen mode could have lead to a malicious website spoofing browser chrome.<br>*This bug only affects Firefox Focus. Other versions of Firefox are unaffected.*. This vulnerability affects Firefox < 110 and Firefox ESR < 102.8.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25743.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25743.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25743","reference_id":"","reference_type":"","scores":[{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24714","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24522","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24718","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24729","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25743"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170376","reference_id":"2170376","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170376"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-05","reference_id":"mfsa2023-05","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-05/","reference_id":"mfsa2023-05","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:12:53Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-05/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-06/","reference_id":"mfsa2023-06","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:12:53Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-06/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0805","reference_id":"RHSA-2023:0805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0805"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0806","reference_id":"RHSA-2023:0806","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0806"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0807","reference_id":"RHSA-2023:0807","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0807"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0808","reference_id":"RHSA-2023:0808","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0808"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0809","reference_id":"RHSA-2023:0809","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0809"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0810","reference_id":"RHSA-2023:0810","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0810"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0811","reference_id":"RHSA-2023:0811","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0811"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0812","reference_id":"RHSA-2023:0812","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0812"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0817","reference_id":"RHSA-2023:0817","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0817"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0818","reference_id":"RHSA-2023:0818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0818"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0819","reference_id":"RHSA-2023:0819","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0819"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0820","reference_id":"RHSA-2023:0820","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0820"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0821","reference_id":"RHSA-2023:0821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0821"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0822","reference_id":"RHSA-2023:0822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0823","reference_id":"RHSA-2023:0823","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0823"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0824","reference_id":"RHSA-2023:0824","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0824"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1800203","reference_id":"show_bug.cgi?id=1800203","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:12:53Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1800203"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-25743"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pwn9-e1hx-aybg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1518?format=json","vulnerability_id":"VCID-q6n2-vxeh-5uhq","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5288.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5288.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5288","reference_id":"","reference_type":"","scores":[{"value":"0.00722","scoring_system":"epss","scoring_elements":"0.7307","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00722","scoring_system":"epss","scoring_elements":"0.7298","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00722","scoring_system":"epss","scoring_elements":"0.73057","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00722","scoring_system":"epss","scoring_elements":"0.73072","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5288"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1387588","reference_id":"1387588","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1387588"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-87","reference_id":"mfsa2016-87","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-87"},{"reference_url":"https://usn.ubuntu.com/3111-1/","reference_id":"USN-3111-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3111-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-5288"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q6n2-vxeh-5uhq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1503?format=json","vulnerability_id":"VCID-q76t-5u88-d7ad","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5251.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5251.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5251","reference_id":"","reference_type":"","scores":[{"value":"0.00547","scoring_system":"epss","scoring_elements":"0.68442","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00547","scoring_system":"epss","scoring_elements":"0.68345","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00547","scoring_system":"epss","scoring_elements":"0.68434","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00547","scoring_system":"epss","scoring_elements":"0.68447","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5251"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361978","reference_id":"1361978","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1361978"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5251","reference_id":"CVE-2016-5251","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5251"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-66","reference_id":"mfsa2016-66","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-66"},{"reference_url":"https://usn.ubuntu.com/3044-1/","reference_id":"USN-3044-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3044-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-5251"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q76t-5u88-d7ad"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/212805?format=json","vulnerability_id":"VCID-qb2d-y3e2-huc3","summary":"Mozilla Firefox prior to 3.6 has a DoS vulnerability due to an issue in the validation of certificates.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2669","reference_id":"","reference_type":"","scores":[{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33192","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33374","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33393","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33368","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2669"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2011-2669"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qb2d-y3e2-huc3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1100?format=json","vulnerability_id":"VCID-qj5h-knba-6fgm","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2816.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2816.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2816","reference_id":"","reference_type":"","scores":[{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.48136","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.48274","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.4829","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.48275","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2816"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330282","reference_id":"1330282","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330282"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2816","reference_id":"CVE-2016-2816","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2816"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-45","reference_id":"mfsa2016-45","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-45"},{"reference_url":"https://usn.ubuntu.com/2936-1/","reference_id":"USN-2936-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2936-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2816"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qj5h-knba-6fgm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/170061?format=json","vulnerability_id":"VCID-qkrj-fmey-wbcy","summary":"The <code>ms-msdt</code>, <code>search</code>, and <code>search-ms</code> protocols deliver content to Microsoft applications, bypassing the browser, when a user accepts a prompt. These applications have had known vulnerabilities, exploited in the wild (although we know of none exploited through Thunderbird), so in this release Thunderbird has blocked these protocols from prompting the user to open them.<br>*This bug only affects Thunderbird on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34478.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34478.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34478","reference_id":"","reference_type":"","scores":[{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.35323","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.35142","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.3532","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.35344","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34478"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2102167","reference_id":"2102167","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2102167"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-24","reference_id":"mfsa2022-24","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-24"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-24/","reference_id":"mfsa2022-24","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:14:23Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-24/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-25","reference_id":"mfsa2022-25","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-25"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-25/","reference_id":"mfsa2022-25","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:14:23Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-25/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-26","reference_id":"mfsa2022-26","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-26"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-26/","reference_id":"mfsa2022-26","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:14:23Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-26/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1773717","reference_id":"show_bug.cgi?id=1773717","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T18:14:23Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1773717"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2022-34478"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qkrj-fmey-wbcy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1517?format=json","vulnerability_id":"VCID-r4dz-2h7g-pbc1","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5287.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5287.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5287","reference_id":"","reference_type":"","scores":[{"value":"0.00563","scoring_system":"epss","scoring_elements":"0.68933","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00563","scoring_system":"epss","scoring_elements":"0.6883","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00563","scoring_system":"epss","scoring_elements":"0.68924","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00563","scoring_system":"epss","scoring_elements":"0.68937","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5287"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1387586","reference_id":"1387586","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1387586"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-87","reference_id":"mfsa2016-87","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-87"},{"reference_url":"https://usn.ubuntu.com/3111-1/","reference_id":"USN-3111-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3111-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-5287"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r4dz-2h7g-pbc1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/133313?format=json","vulnerability_id":"VCID-r8g4-zz2s-sfh7","summary":"A compromised content process could have provided malicious data to `FilterNodeD2D1` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process.\n*This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5168.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5168.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5168","reference_id":"","reference_type":"","scores":[{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.49458","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.49315","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.49452","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.4947","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5168"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2240892","reference_id":"2240892","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2240892"},{"reference_url":"https://security.gentoo.org/glsa/202402-25","reference_id":"GLSA-202402-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-41","reference_id":"mfsa2023-41","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-41"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-41/","reference_id":"mfsa2023-41","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-41/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-42","reference_id":"mfsa2023-42","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-42"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-42/","reference_id":"mfsa2023-42","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-42/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-43","reference_id":"mfsa2023-43","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-43"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-43/","reference_id":"mfsa2023-43","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:10Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-43/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1846683","reference_id":"show_bug.cgi?id=1846683","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:10Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1846683"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-5168"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r8g4-zz2s-sfh7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2213?format=json","vulnerability_id":"VCID-rbzd-h3y1-wfgp","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9896","reference_id":"","reference_type":"","scores":[{"value":"0.01539","scoring_system":"epss","scoring_elements":"0.81828","published_at":"2026-06-14T12:55:00Z"},{"value":"0.01539","scoring_system":"epss","scoring_elements":"0.81765","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01539","scoring_system":"epss","scoring_elements":"0.81826","published_at":"2026-06-12T12:55:00Z"},{"value":"0.01539","scoring_system":"epss","scoring_elements":"0.81835","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9896"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.archlinux.org/ASA-201612-15","reference_id":"ASA-201612-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-15"},{"reference_url":"https://security.archlinux.org/AVG-106","reference_id":"AVG-106","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-106"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-94","reference_id":"mfsa2016-94","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-94"},{"reference_url":"https://usn.ubuntu.com/3155-1/","reference_id":"USN-3155-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3155-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-9896"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rbzd-h3y1-wfgp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/133624?format=json","vulnerability_id":"VCID-rg51-rzun-u7aq","summary":"If Windows failed to duplicate a handle during process creation, the sandbox code may have inadvertently freed a pointer twice, resulting in a use-after-free and a potentially exploitable crash.\n*This bug only affects Firefox on Windows when run in non-standard configurations (such as using `runas`). Other operating systems are unaffected.* This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5174.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5174.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5174","reference_id":"","reference_type":"","scores":[{"value":"0.00445","scoring_system":"epss","scoring_elements":"0.63973","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00445","scoring_system":"epss","scoring_elements":"0.63858","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00445","scoring_system":"epss","scoring_elements":"0.63961","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00445","scoring_system":"epss","scoring_elements":"0.63975","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5174"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2240895","reference_id":"2240895","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2240895"},{"reference_url":"https://security.gentoo.org/glsa/202402-25","reference_id":"GLSA-202402-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-41","reference_id":"mfsa2023-41","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-41"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-41/","reference_id":"mfsa2023-41","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-41/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-42","reference_id":"mfsa2023-42","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-42"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-42/","reference_id":"mfsa2023-42","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-42/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-43","reference_id":"mfsa2023-43","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-43"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-43/","reference_id":"mfsa2023-43","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:08Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-43/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1848454","reference_id":"show_bug.cgi?id=1848454","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:08Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1848454"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-5174"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rg51-rzun-u7aq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/196994?format=json","vulnerability_id":"VCID-rpns-xxft-9ff2","summary":"multiple issues","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5385","reference_id":"","reference_type":"","scores":[{"value":"0.00947","scoring_system":"epss","scoring_elements":"0.7676","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00947","scoring_system":"epss","scoring_elements":"0.7683","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00947","scoring_system":"epss","scoring_elements":"0.76844","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00947","scoring_system":"epss","scoring_elements":"0.76838","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5385"},{"reference_url":"https://security.archlinux.org/ASA-201701-39","reference_id":"ASA-201701-39","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-39"},{"reference_url":"https://security.archlinux.org/AVG-157","reference_id":"AVG-157","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-157"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01","reference_id":"mfsa2017-01","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01"},{"reference_url":"https://usn.ubuntu.com/3175-1/","reference_id":"USN-3175-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3175-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2017-5385"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rpns-xxft-9ff2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/140212?format=json","vulnerability_id":"VCID-rqb9-n7mt-wkce","summary":"When opening appref-ms files, Firefox did not warn the user that these files may contain malicious code. \n*This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 116, Firefox ESR < 102.14, Firefox ESR < 115.1, Thunderbird < 102.14, and Thunderbird < 115.1.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4054.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4054.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4054","reference_id":"","reference_type":"","scores":[{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10539","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10574","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10599","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10597","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4054"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2228366","reference_id":"2228366","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2228366"},{"reference_url":"https://security.gentoo.org/glsa/202402-25","reference_id":"GLSA-202402-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-29","reference_id":"mfsa2023-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-29"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-29/","reference_id":"mfsa2023-29","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:37:04Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-29/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-30","reference_id":"mfsa2023-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-30"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-30/","reference_id":"mfsa2023-30","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:37:04Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-30/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-31","reference_id":"mfsa2023-31","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-31"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-31/","reference_id":"mfsa2023-31","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:37:04Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-31/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-32","reference_id":"mfsa2023-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-32/","reference_id":"mfsa2023-32","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:37:04Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-32/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-33","reference_id":"mfsa2023-33","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-33"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-33/","reference_id":"mfsa2023-33","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:37:04Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-33/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1840777","reference_id":"show_bug.cgi?id=1840777","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:37:04Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1840777"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-4054"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rqb9-n7mt-wkce"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/17875?format=json","vulnerability_id":"VCID-rrdh-n6hv-h3er","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5726.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5726.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5726","reference_id":"","reference_type":"","scores":[{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38743","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38558","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.3873","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38753","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5726"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2245901","reference_id":"2245901","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2245901"},{"reference_url":"https://security.gentoo.org/glsa/202402-25","reference_id":"GLSA-202402-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-45","reference_id":"mfsa2023-45","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-45"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-45/","reference_id":"mfsa2023-45","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:53:41Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-45/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-46","reference_id":"mfsa2023-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-46/","reference_id":"mfsa2023-46","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:53:41Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-47","reference_id":"mfsa2023-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-47"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-47/","reference_id":"mfsa2023-47","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:53:41Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-47/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1846205","reference_id":"show_bug.cgi?id=1846205","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:53:41Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1846205"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-5726"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rrdh-n6hv-h3er"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/212828?format=json","vulnerability_id":"VCID-rrhm-t616-9ke1","summary":"The Mozilla Windows updater modifies some files to be updated by reading the original file and applying changes to it. The location of the original file can be altered by a malicious user by passing a special path to the callback parameter through the Mozilla Maintenance Service, allowing the manipulation of files in the installation directory and privilege escalation by manipulating the Mozilla Maintenance Service, which has privileged access. Note: This attack requires local system access and only affects Windows. Other operating systems are not affected. This vulnerability affects Firefox ESR < 52.2 and Firefox < 54.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7760","reference_id":"","reference_type":"","scores":[{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33597","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33777","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33799","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33774","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7760"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15","reference_id":"mfsa2017-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16","reference_id":"mfsa2017-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2017-7760"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rrhm-t616-9ke1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/164536?format=json","vulnerability_id":"VCID-ruk3-gdnn-cugr","summary":"A data race could occur in the <code>PK11_ChangePW</code> function, potentially leading to a use-after-free vulnerability. In Firefox, this lock protected the data when a user changed their master password. This vulnerability affects Firefox ESR < 102.2 and Thunderbird < 102.2.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38476.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38476.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38476","reference_id":"","reference_type":"","scores":[{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40522","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40343","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.4051","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40533","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38476"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2120678","reference_id":"2120678","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2120678"},{"reference_url":"https://security.gentoo.org/glsa/202208-37","reference_id":"GLSA-202208-37","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-37"},{"reference_url":"https://security.gentoo.org/glsa/202208-38","reference_id":"GLSA-202208-38","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-38"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-34","reference_id":"mfsa2022-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-34/","reference_id":"mfsa2022-34","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T17:23:43Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-34/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-36","reference_id":"mfsa2022-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-36"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-36/","reference_id":"mfsa2022-36","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T17:23:43Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-36/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6164","reference_id":"RHSA-2022:6164","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6164"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6165","reference_id":"RHSA-2022:6165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6166","reference_id":"RHSA-2022:6166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6167","reference_id":"RHSA-2022:6167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6168","reference_id":"RHSA-2022:6168","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6168"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6169","reference_id":"RHSA-2022:6169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6174","reference_id":"RHSA-2022:6174","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6174"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6175","reference_id":"RHSA-2022:6175","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6175"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6176","reference_id":"RHSA-2022:6176","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6176"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6177","reference_id":"RHSA-2022:6177","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6177"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6178","reference_id":"RHSA-2022:6178","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6178"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6179","reference_id":"RHSA-2022:6179","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6179"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1760998","reference_id":"show_bug.cgi?id=1760998","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-15T17:23:43Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1760998"},{"reference_url":"https://usn.ubuntu.com/5663-1/","reference_id":"USN-5663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42157?format=json","purl":"pkg:deb/debian/firefox-esr@102.2.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@102.2.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2022-38476"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ruk3-gdnn-cugr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/196999?format=json","vulnerability_id":"VCID-rx9t-9db6-cbgv","summary":"multiple issues","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5377","reference_id":"","reference_type":"","scores":[{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.83398","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.83459","published_at":"2026-06-12T12:55:00Z"},{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.83468","published_at":"2026-06-13T12:55:00Z"},{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.83465","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5377"},{"reference_url":"https://security.archlinux.org/ASA-201701-39","reference_id":"ASA-201701-39","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-39"},{"reference_url":"https://security.archlinux.org/AVG-157","reference_id":"AVG-157","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-157"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01","reference_id":"mfsa2017-01","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01"},{"reference_url":"https://usn.ubuntu.com/3175-1/","reference_id":"USN-3175-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3175-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2017-5377"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rx9t-9db6-cbgv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/183555?format=json","vulnerability_id":"VCID-rxk4-t2wp-77d3","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5275.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5275.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5275","reference_id":"","reference_type":"","scores":[{"value":"0.01682","scoring_system":"epss","scoring_elements":"0.82655","published_at":"2026-06-14T12:55:00Z"},{"value":"0.01682","scoring_system":"epss","scoring_elements":"0.82591","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01682","scoring_system":"epss","scoring_elements":"0.82653","published_at":"2026-06-12T12:55:00Z"},{"value":"0.01682","scoring_system":"epss","scoring_elements":"0.8266","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5275"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377667","reference_id":"1377667","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377667"},{"reference_url":"https://security.archlinux.org/ASA-201609-22","reference_id":"ASA-201609-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-22"},{"reference_url":"https://security.archlinux.org/AVG-24","reference_id":"AVG-24","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-24"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85","reference_id":"mfsa2016-85","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85"},{"reference_url":"https://usn.ubuntu.com/3076-1/","reference_id":"USN-3076-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3076-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-5275"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rxk4-t2wp-77d3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/212916?format=json","vulnerability_id":"VCID-s3dj-v4yr-fkc9","summary":"During the initialization of a new content process, a race condition occurs that can allow a content process to disclose heap addresses from the parent process. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17021.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17021.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-17021","reference_id":"","reference_type":"","scores":[{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.65092","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.65193","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.65204","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.65202","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-17021"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1788725","reference_id":"1788725","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1788725"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-01","reference_id":"mfsa2020-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-02","reference_id":"mfsa2020-02","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-02"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-04","reference_id":"mfsa2020-04","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-04"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2019-17021"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s3dj-v4yr-fkc9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/212908?format=json","vulnerability_id":"VCID-s3x1-81jk-a3as","summary":"In the Windows 10 April 2018 Update, Windows Defender SmartScreen honors the \"SEE_MASK_FLAG_NO_UI\" flag associated with downloaded files and will not show any UI. Files that are unknown and potentially dangerous will be allowed to run because SmartScreen will not prompt the user for a decision, and if the user is offline all files will be allowed to be opened because Windows won't prompt the user to ask what to do. Firefox incorrectly sets this flag when downloading files, leading to less secure behavior from SmartScreen. Note: this issue only affects Windows 10 users running the April 2018 update or later. It does not affect other Windows users or other operating systems. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5174.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5174.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5174","reference_id":"","reference_type":"","scores":[{"value":"0.0054","scoring_system":"epss","scoring_elements":"0.68049","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0054","scoring_system":"epss","scoring_elements":"0.68137","published_at":"2026-06-12T12:55:00Z"},{"value":"0.0054","scoring_system":"epss","scoring_elements":"0.6815","published_at":"2026-06-13T12:55:00Z"},{"value":"0.0054","scoring_system":"epss","scoring_elements":"0.68146","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5174"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1576274","reference_id":"1576274","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1576274"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2018-11","reference_id":"mfsa2018-11","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2018-11"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2018-12","reference_id":"mfsa2018-12","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2018-12"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2018-13","reference_id":"mfsa2018-13","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2018-13"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2018-5174"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s3x1-81jk-a3as"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/140754?format=json","vulnerability_id":"VCID-s7pv-km8j-k3ac","summary":"A local attacker can trick the Mozilla Maintenance Service into applying an unsigned update file by pointing the service at an update file on a malicious SMB server. The update file can be replaced after the signature check, before the use, because the write-lock requested by the service does not work on a SMB server.\n\n*Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.* This vulnerability affects Firefox < 112, Firefox ESR < 102.10, and Thunderbird < 102.10.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29532.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29532.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-29532","reference_id":"","reference_type":"","scores":[{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24781","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24587","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24785","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24797","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-29532"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2186100","reference_id":"2186100","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2186100"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-13","reference_id":"mfsa2023-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-13/","reference_id":"mfsa2023-13","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T15:43:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-14","reference_id":"mfsa2023-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-14/","reference_id":"mfsa2023-14","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T15:43:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-15","reference_id":"mfsa2023-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-15/","reference_id":"mfsa2023-15","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T15:43:12Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-15/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1806394","reference_id":"show_bug.cgi?id=1806394","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-11T15:43:12Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1806394"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-29532"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s7pv-km8j-k3ac"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2032?format=json","vulnerability_id":"VCID-s96w-66ft-6bdq","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9067.json","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9067.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9067","reference_id":"","reference_type":"","scores":[{"value":"0.01358","scoring_system":"epss","scoring_elements":"0.80624","published_at":"2026-06-12T12:55:00Z"},{"value":"0.01358","scoring_system":"epss","scoring_elements":"0.80627","published_at":"2026-06-14T12:55:00Z"},{"value":"0.01358","scoring_system":"epss","scoring_elements":"0.80563","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01358","scoring_system":"epss","scoring_elements":"0.80635","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9067"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396539","reference_id":"1396539","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396539"},{"reference_url":"https://security.archlinux.org/ASA-201611-16","reference_id":"ASA-201611-16","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-16"},{"reference_url":"https://security.archlinux.org/AVG-72","reference_id":"AVG-72","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-72"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89","reference_id":"mfsa2016-89","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89"},{"reference_url":"https://usn.ubuntu.com/3124-1/","reference_id":"USN-3124-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3124-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-9067"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s96w-66ft-6bdq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2043?format=json","vulnerability_id":"VCID-sbd7-awjb-jqap","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9080","reference_id":"","reference_type":"","scores":[{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.83465","published_at":"2026-06-14T12:55:00Z"},{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.83398","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.83459","published_at":"2026-06-12T12:55:00Z"},{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.83468","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9080"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.archlinux.org/ASA-201612-15","reference_id":"ASA-201612-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-15"},{"reference_url":"https://security.archlinux.org/AVG-106","reference_id":"AVG-106","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-106"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-94","reference_id":"mfsa2016-94","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-94"},{"reference_url":"https://usn.ubuntu.com/3155-1/","reference_id":"USN-3155-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3155-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-9080"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sbd7-awjb-jqap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1101?format=json","vulnerability_id":"VCID-sest-bfue-63gg","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2817.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2817.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2817","reference_id":"","reference_type":"","scores":[{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.61103","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.61208","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.61217","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.61214","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2817"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330285","reference_id":"1330285","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330285"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2817","reference_id":"CVE-2016-2817","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2817"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-46","reference_id":"mfsa2016-46","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-46"},{"reference_url":"https://usn.ubuntu.com/2936-1/","reference_id":"USN-2936-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2936-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2817"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sest-bfue-63gg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9941?format=json","vulnerability_id":"VCID-sgad-z5pa-jkd7","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38501.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38501.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-38501","reference_id":"","reference_type":"","scores":[{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66592","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66605","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66607","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66499","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-38501"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2011101","reference_id":"2011101","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2011101"},{"reference_url":"https://security.archlinux.org/AVG-2443","reference_id":"AVG-2443","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2443"},{"reference_url":"https://security.archlinux.org/AVG-2459","reference_id":"AVG-2459","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2459"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-43","reference_id":"mfsa2021-43","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-43"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-45","reference_id":"mfsa2021-45","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-45"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-47","reference_id":"mfsa2021-47","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-47"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3755","reference_id":"RHSA-2021:3755","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3755"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3756","reference_id":"RHSA-2021:3756","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3756"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3757","reference_id":"RHSA-2021:3757","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3757"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3791","reference_id":"RHSA-2021:3791","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3791"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3838","reference_id":"RHSA-2021:3838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3839","reference_id":"RHSA-2021:3839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3840","reference_id":"RHSA-2021:3840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3841","reference_id":"RHSA-2021:3841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3841"},{"reference_url":"https://usn.ubuntu.com/5107-1/","reference_id":"USN-5107-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5107-1/"},{"reference_url":"https://usn.ubuntu.com/5132-1/","reference_id":"USN-5132-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5132-1/"},{"reference_url":"https://usn.ubuntu.com/5248-1/","reference_id":"USN-5248-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5248-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2021-38501"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sgad-z5pa-jkd7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2033?format=json","vulnerability_id":"VCID-sqnc-n11z-tqhr","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9068.json","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9068.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9068","reference_id":"","reference_type":"","scores":[{"value":"0.01719","scoring_system":"epss","scoring_elements":"0.82866","published_at":"2026-06-14T12:55:00Z"},{"value":"0.01719","scoring_system":"epss","scoring_elements":"0.82801","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01719","scoring_system":"epss","scoring_elements":"0.82862","published_at":"2026-06-12T12:55:00Z"},{"value":"0.01719","scoring_system":"epss","scoring_elements":"0.82871","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9068"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396542","reference_id":"1396542","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1396542"},{"reference_url":"https://security.archlinux.org/ASA-201611-16","reference_id":"ASA-201611-16","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-16"},{"reference_url":"https://security.archlinux.org/AVG-72","reference_id":"AVG-72","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-72"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89","reference_id":"mfsa2016-89","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89"},{"reference_url":"https://usn.ubuntu.com/3124-1/","reference_id":"USN-3124-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3124-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-9068"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sqnc-n11z-tqhr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1097?format=json","vulnerability_id":"VCID-swh9-hapj-v7bf","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2813.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2813.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2813","reference_id":"","reference_type":"","scores":[{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.6512","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.6522","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.65231","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.65229","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2813"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330278","reference_id":"1330278","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330278"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2813","reference_id":"CVE-2016-2813","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2813"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-43","reference_id":"mfsa2016-43","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-43"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2813"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-swh9-hapj-v7bf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/212928?format=json","vulnerability_id":"VCID-t1cd-d54e-5yhm","summary":"Given an installed malicious file picker application, an attacker was able to overwrite local files and thus overwrite Firefox settings (but not access the previous profile). *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.11.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15650.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15650.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15650","reference_id":"","reference_type":"","scores":[{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36936","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.37114","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.3714","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.37125","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15650"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1870410","reference_id":"1870410","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1870410"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-31","reference_id":"mfsa2020-31","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-31"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2020-15650"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t1cd-d54e-5yhm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7622?format=json","vulnerability_id":"VCID-t4r8-auts-8yca","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12389.json","reference_id":"","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12389.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12389","reference_id":"","reference_type":"","scores":[{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.7188","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71795","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71891","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71894","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12389"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1831945","reference_id":"1831945","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1831945"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-16","reference_id":"mfsa2020-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-16"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-17","reference_id":"mfsa2020-17","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-17"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2020-12389"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t4r8-auts-8yca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/196990?format=json","vulnerability_id":"VCID-t7gs-maju-c3fe","summary":"multiple issues","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5391","reference_id":"","reference_type":"","scores":[{"value":"0.02446","scoring_system":"epss","scoring_elements":"0.85518","published_at":"2026-06-11T12:55:00Z"},{"value":"0.02446","scoring_system":"epss","scoring_elements":"0.85569","published_at":"2026-06-12T12:55:00Z"},{"value":"0.02446","scoring_system":"epss","scoring_elements":"0.85579","published_at":"2026-06-13T12:55:00Z"},{"value":"0.02446","scoring_system":"epss","scoring_elements":"0.85571","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5391"},{"reference_url":"https://security.archlinux.org/ASA-201701-39","reference_id":"ASA-201701-39","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-39"},{"reference_url":"https://security.archlinux.org/AVG-157","reference_id":"AVG-157","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-157"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01","reference_id":"mfsa2017-01","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01"},{"reference_url":"https://usn.ubuntu.com/3175-1/","reference_id":"USN-3175-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3175-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2017-5391"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t7gs-maju-c3fe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6134?format=json","vulnerability_id":"VCID-tqq2-t879-uuhk","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11751.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11751.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11751","reference_id":"","reference_type":"","scores":[{"value":"0.00501","scoring_system":"epss","scoring_elements":"0.66528","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00501","scoring_system":"epss","scoring_elements":"0.66435","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00501","scoring_system":"epss","scoring_elements":"0.66541","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00501","scoring_system":"epss","scoring_elements":"0.66543","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11751"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1748668","reference_id":"1748668","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1748668"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-25","reference_id":"mfsa2019-25","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-26","reference_id":"mfsa2019-26","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-26"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2019-11751"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tqq2-t879-uuhk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1094?format=json","vulnerability_id":"VCID-tzas-8qm7-m3cx","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2810.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2810.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2810","reference_id":"","reference_type":"","scores":[{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50892","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.51024","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.51039","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.51026","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2810"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330274","reference_id":"1330274","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330274"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2810","reference_id":"CVE-2016-2810","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2810"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-41","reference_id":"mfsa2016-41","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-41"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2810"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tzas-8qm7-m3cx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/25835?format=json","vulnerability_id":"VCID-u8nr-sdza-57b2","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6426.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6426.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6426","reference_id":"","reference_type":"","scores":[{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33706","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33731","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33709","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33529","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6426"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2374560","reference_id":"2374560","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2374560"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-51","reference_id":"mfsa2025-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-51/","reference_id":"mfsa2025-51","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-25T14:21:30Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-51/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-53","reference_id":"mfsa2025-53","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-53"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-53/","reference_id":"mfsa2025-53","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-25T14:21:30Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-53/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-54","reference_id":"mfsa2025-54","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-54"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-54/","reference_id":"mfsa2025-54","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-25T14:21:30Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-54/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-55","reference_id":"mfsa2025-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-55"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-55/","reference_id":"mfsa2025-55","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-25T14:21:30Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-55/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1964385","reference_id":"show_bug.cgi?id=1964385","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-25T14:21:30Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1964385"},{"reference_url":"https://usn.ubuntu.com/7663-1/","reference_id":"USN-7663-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7663-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2025-6426"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u8nr-sdza-57b2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/196995?format=json","vulnerability_id":"VCID-unmt-jsyx-f3bg","summary":"multiple issues","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5384","reference_id":"","reference_type":"","scores":[{"value":"0.00764","scoring_system":"epss","scoring_elements":"0.73874","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00764","scoring_system":"epss","scoring_elements":"0.73948","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00764","scoring_system":"epss","scoring_elements":"0.73963","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5384"},{"reference_url":"https://security.archlinux.org/ASA-201701-39","reference_id":"ASA-201701-39","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-39"},{"reference_url":"https://security.archlinux.org/AVG-157","reference_id":"AVG-157","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-157"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01","reference_id":"mfsa2017-01","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01"},{"reference_url":"https://usn.ubuntu.com/3175-1/","reference_id":"USN-3175-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3175-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2017-5384"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-unmt-jsyx-f3bg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/140187?format=json","vulnerability_id":"VCID-uzu6-54x4-b3f9","summary":"A website could have obscured the full screen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 116, Firefox ESR < 115.2, and Thunderbird < 115.2.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4053.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4053.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4053","reference_id":"","reference_type":"","scores":[{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34808","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34827","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34802","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34624","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4053"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236078","reference_id":"2236078","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236078"},{"reference_url":"https://security.gentoo.org/glsa/202402-25","reference_id":"GLSA-202402-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-29","reference_id":"mfsa2023-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-29"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-29/","reference_id":"mfsa2023-29","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:37:53Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-29/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-36/","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:37:53Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-36/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-38/","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:37:53Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-38/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4945","reference_id":"RHSA-2023:4945","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4945"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4946","reference_id":"RHSA-2023:4946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4947","reference_id":"RHSA-2023:4947","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4947"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4948","reference_id":"RHSA-2023:4948","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4948"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4949","reference_id":"RHSA-2023:4949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4949"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4950","reference_id":"RHSA-2023:4950","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4951","reference_id":"RHSA-2023:4951","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4951"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4952","reference_id":"RHSA-2023:4952","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4952"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4954","reference_id":"RHSA-2023:4954","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4954"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4955","reference_id":"RHSA-2023:4955","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4955"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4956","reference_id":"RHSA-2023:4956","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4956"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4957","reference_id":"RHSA-2023:4957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4957"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4958","reference_id":"RHSA-2023:4958","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4959","reference_id":"RHSA-2023:4959","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4959"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5019","reference_id":"RHSA-2023:5019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5019"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1839079","reference_id":"show_bug.cgi?id=1839079","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:37:53Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1839079"},{"reference_url":"https://usn.ubuntu.com/6267-1/","reference_id":"USN-6267-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6267-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/42184?format=json","purl":"pkg:deb/debian/firefox-esr@115.2.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.2.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-4053"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uzu6-54x4-b3f9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/130462?format=json","vulnerability_id":"VCID-v5yj-mbn7-kkgj","summary":"When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within. This vulnerability affects Firefox < 109, Firefox ESR < 102.7, and Thunderbird < 102.7.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23599.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23599.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-23599","reference_id":"","reference_type":"","scores":[{"value":"0.00142","scoring_system":"epss","scoring_elements":"0.34299","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00142","scoring_system":"epss","scoring_elements":"0.3432","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00142","scoring_system":"epss","scoring_elements":"0.34295","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00142","scoring_system":"epss","scoring_elements":"0.34118","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-23599"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2162339","reference_id":"2162339","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2162339"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-01","reference_id":"mfsa2023-01","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-01"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-01/","reference_id":"mfsa2023-01","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:21:01Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-01/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-02","reference_id":"mfsa2023-02","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-02"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-02/","reference_id":"mfsa2023-02","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:21:01Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-02/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-03","reference_id":"mfsa2023-03","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-03"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-03/","reference_id":"mfsa2023-03","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:21:01Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-03/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0285","reference_id":"RHSA-2023:0285","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0285"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0286","reference_id":"RHSA-2023:0286","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0286"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0288","reference_id":"RHSA-2023:0288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0289","reference_id":"RHSA-2023:0289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0289"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0290","reference_id":"RHSA-2023:0290","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0294","reference_id":"RHSA-2023:0294","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0294"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0295","reference_id":"RHSA-2023:0295","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0295"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0296","reference_id":"RHSA-2023:0296","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0296"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0456","reference_id":"RHSA-2023:0456","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0456"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0457","reference_id":"RHSA-2023:0457","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0457"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0459","reference_id":"RHSA-2023:0459","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0459"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0460","reference_id":"RHSA-2023:0460","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0460"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0461","reference_id":"RHSA-2023:0461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0462","reference_id":"RHSA-2023:0462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0463","reference_id":"RHSA-2023:0463","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0476","reference_id":"RHSA-2023:0476","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0476"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1777800","reference_id":"show_bug.cgi?id=1777800","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:21:01Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1777800"},{"reference_url":"https://usn.ubuntu.com/5816-1/","reference_id":"USN-5816-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5816-1/"},{"reference_url":"https://usn.ubuntu.com/5824-1/","reference_id":"USN-5824-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5824-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-23599"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v5yj-mbn7-kkgj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/212833?format=json","vulnerability_id":"VCID-v83h-67f5-yuck","summary":"An attack using manipulation of \"updater.ini\" contents, used by the Mozilla Windows Updater, and privilege escalation through the Mozilla Maintenance Service to allow for arbitrary file execution and deletion by the Maintenance Service, which has privileged access. Note: This attack requires local system access and only affects Windows. Other operating systems are not affected. This vulnerability affects Firefox ESR < 52.2 and Firefox < 54.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7766","reference_id":"","reference_type":"","scores":[{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.38639","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.38812","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.38835","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.38825","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7766"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15","reference_id":"mfsa2017-15","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-15"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16","reference_id":"mfsa2017-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-16"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2017-7766"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v83h-67f5-yuck"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1519?format=json","vulnerability_id":"VCID-v9a7-k1sv-33g1","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5289.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5289.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5289","reference_id":"","reference_type":"","scores":[{"value":"0.01811","scoring_system":"epss","scoring_elements":"0.83298","published_at":"2026-06-12T12:55:00Z"},{"value":"0.01811","scoring_system":"epss","scoring_elements":"0.83303","published_at":"2026-06-14T12:55:00Z"},{"value":"0.01811","scoring_system":"epss","scoring_elements":"0.83237","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01811","scoring_system":"epss","scoring_elements":"0.83307","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5289"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1395098","reference_id":"1395098","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1395098"},{"reference_url":"https://security.archlinux.org/ASA-201611-16","reference_id":"ASA-201611-16","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-16"},{"reference_url":"https://security.archlinux.org/AVG-72","reference_id":"AVG-72","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-72"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89","reference_id":"mfsa2016-89","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-89"},{"reference_url":"https://usn.ubuntu.com/3124-1/","reference_id":"USN-3124-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3124-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-5289"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v9a7-k1sv-33g1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3567?format=json","vulnerability_id":"VCID-vbw2-xvku-4bcv","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5430.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5430.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5430","reference_id":"","reference_type":"","scores":[{"value":"0.00746","scoring_system":"epss","scoring_elements":"0.73581","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00746","scoring_system":"epss","scoring_elements":"0.73594","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00746","scoring_system":"epss","scoring_elements":"0.73507","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00746","scoring_system":"epss","scoring_elements":"0.73596","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5430"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1443331","reference_id":"1443331","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1443331"},{"reference_url":"https://security.archlinux.org/ASA-201704-6","reference_id":"ASA-201704-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201704-6"},{"reference_url":"https://security.archlinux.org/AVG-249","reference_id":"AVG-249","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-249"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-10","reference_id":"mfsa2017-10","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-10"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-12","reference_id":"mfsa2017-12","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-12"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-13","reference_id":"mfsa2017-13","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-13"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1106","reference_id":"RHSA-2017:1106","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1106"},{"reference_url":"https://usn.ubuntu.com/3260-1/","reference_id":"USN-3260-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3260-1/"},{"reference_url":"https://usn.ubuntu.com/3278-1/","reference_id":"USN-3278-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3278-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2017-5430"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vbw2-xvku-4bcv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/140633?format=json","vulnerability_id":"VCID-vjzb-cksu-8uad","summary":"A newline in a filename could have been used to bypass the file extension security mechanisms that replace malicious file extensions such as .lnk  with .download. This could have led to accidental execution of malicious code.\n\n*This bug only affects Firefox and Thunderbird on Windows. Other versions of Firefox and Thunderbird are unaffected.* This vulnerability affects Firefox < 112, Firefox ESR < 102.10, and Thunderbird < 102.10.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29542.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29542.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-29542","reference_id":"","reference_type":"","scores":[{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.33077","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.33255","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.33278","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.33258","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-29542"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2186107","reference_id":"2186107","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2186107"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-13","reference_id":"mfsa2023-13","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-13"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-13/","reference_id":"mfsa2023-13","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-11T15:45:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-13/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-14","reference_id":"mfsa2023-14","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-14"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-14/","reference_id":"mfsa2023-14","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-11T15:45:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-14/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-15","reference_id":"mfsa2023-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-15"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-15/","reference_id":"mfsa2023-15","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-11T15:45:52Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-15/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1810793","reference_id":"show_bug.cgi?id=1810793","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-11T15:45:52Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1810793"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1815062","reference_id":"show_bug.cgi?id=1815062","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-11T15:45:52Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1815062"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-29542"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vjzb-cksu-8uad"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/30176?format=json","vulnerability_id":"VCID-vnae-cbn4-aqh6","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8959.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8959.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8959","reference_id":"","reference_type":"","scores":[{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.37422","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.37436","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.37411","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.37234","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8959"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479861","reference_id":"2479861","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479861"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-46"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-46/","reference_id":"mfsa2026-46","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-19T16:07:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-46/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-48"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-48/","reference_id":"mfsa2026-48","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-19T16:07:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-48/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-50"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-50/","reference_id":"mfsa2026-50","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-19T16:07:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-50/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2026-51"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2026-51/","reference_id":"mfsa2026-51","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-19T16:07:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2026-51/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21381","reference_id":"RHSA-2026:21381","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22325","reference_id":"RHSA-2026:22325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22643","reference_id":"RHSA-2026:22643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22643"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2034754","reference_id":"show_bug.cgi?id=2034754","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-19T16:07:42Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2034754"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2026-8959"],"risk_score":4.3,"exploitability":"0.5","weighted_severity":"8.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vnae-cbn4-aqh6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/139903?format=json","vulnerability_id":"VCID-vqq5-t48g-z3ap","summary":"On Windows, an integer overflow could occur in `RecordedSourceSurfaceCreation` which resulted in a heap buffer overflow potentially leaking sensitive data that could have led to a sandbox escape.\n*This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4576.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4576.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4576","reference_id":"","reference_type":"","scores":[{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46698","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46836","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46855","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46841","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4576"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236074","reference_id":"2236074","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236074"},{"reference_url":"https://security.gentoo.org/glsa/202402-25","reference_id":"GLSA-202402-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-34","reference_id":"mfsa2023-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-34/","reference_id":"mfsa2023-34","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:57:46Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-34/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-35","reference_id":"mfsa2023-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-35"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-35/","reference_id":"mfsa2023-35","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:57:46Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-35/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-36/","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:57:46Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-36/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-37","reference_id":"mfsa2023-37","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-37"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-37/","reference_id":"mfsa2023-37","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:57:46Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-37/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-38/","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:57:46Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-38/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1846694","reference_id":"show_bug.cgi?id=1846694","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:57:46Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1846694"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-4576"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vqq5-t48g-z3ap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7621?format=json","vulnerability_id":"VCID-vv6p-8cn3-z7fj","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12388.json","reference_id":"","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12388.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12388","reference_id":"","reference_type":"","scores":[{"value":"0.00574","scoring_system":"epss","scoring_elements":"0.69305","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00574","scoring_system":"epss","scoring_elements":"0.69213","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00574","scoring_system":"epss","scoring_elements":"0.69311","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00574","scoring_system":"epss","scoring_elements":"0.69317","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12388"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1831944","reference_id":"1831944","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1831944"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-16","reference_id":"mfsa2020-16","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-16"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-17","reference_id":"mfsa2020-17","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-17"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2020-12388"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vv6p-8cn3-z7fj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1109?format=json","vulnerability_id":"VCID-vwjv-ym6f-83e3","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2826","reference_id":"","reference_type":"","scores":[{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.1696","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.17115","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.17128","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.171","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2826"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:S/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2826","reference_id":"CVE-2016-2826","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2826"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-55","reference_id":"mfsa2016-55","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-55"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2826"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vwjv-ym6f-83e3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/727?format=json","vulnerability_id":"VCID-wcnf-9kfp-nqcf","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0718.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0718.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-0718","reference_id":"","reference_type":"","scores":[{"value":"0.02827","scoring_system":"epss","scoring_elements":"0.86487","published_at":"2026-06-11T12:55:00Z"},{"value":"0.02827","scoring_system":"epss","scoring_elements":"0.86538","published_at":"2026-06-12T12:55:00Z"},{"value":"0.02827","scoring_system":"epss","scoring_elements":"0.86548","published_at":"2026-06-13T12:55:00Z"},{"value":"0.02827","scoring_system":"epss","scoring_elements":"0.86546","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-0718"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0718","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0718"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4472"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1296102","reference_id":"1296102","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1296102"},{"reference_url":"https://security.gentoo.org/glsa/201701-21","reference_id":"GLSA-201701-21","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-21"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-68","reference_id":"mfsa2016-68","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-68"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2824","reference_id":"RHSA-2016:2824","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2824"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2486","reference_id":"RHSA-2018:2486","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2486"},{"reference_url":"https://usn.ubuntu.com/2983-1/","reference_id":"USN-2983-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2983-1/"},{"reference_url":"https://usn.ubuntu.com/3013-1/","reference_id":"USN-3013-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3013-1/"},{"reference_url":"https://usn.ubuntu.com/3044-1/","reference_id":"USN-3044-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3044-1/"},{"reference_url":"https://usn.ubuntu.com/7199-1/","reference_id":"USN-7199-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7199-1/"},{"reference_url":"https://usn.ubuntu.com/USN-5455-1/","reference_id":"USN-USN-5455-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5455-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-0718"],"risk_score":1.7,"exploitability":"0.5","weighted_severity":"3.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wcnf-9kfp-nqcf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2220?format=json","vulnerability_id":"VCID-wcq9-awh7-2qa6","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9903","reference_id":"","reference_type":"","scores":[{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.72774","published_at":"2026-06-14T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.72685","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.72761","published_at":"2026-06-12T12:55:00Z"},{"value":"0.0071","scoring_system":"epss","scoring_elements":"0.72776","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9903"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:M/C:N/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.archlinux.org/ASA-201612-15","reference_id":"ASA-201612-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-15"},{"reference_url":"https://security.archlinux.org/AVG-106","reference_id":"AVG-106","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-106"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-94","reference_id":"mfsa2016-94","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-94"},{"reference_url":"https://usn.ubuntu.com/3155-1/","reference_id":"USN-3155-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3155-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-9903"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wcq9-awh7-2qa6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/197241?format=json","vulnerability_id":"VCID-wdsq-6fq7-rqgz","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29964.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29964.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29964","reference_id":"","reference_type":"","scores":[{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.54706","published_at":"2026-06-14T12:55:00Z"},{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.54582","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.54722","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29964"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1966830","reference_id":"1966830","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1966830"},{"reference_url":"https://security.archlinux.org/AVG-2019","reference_id":"AVG-2019","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2019"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-23","reference_id":"mfsa2021-23","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-23"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-24","reference_id":"mfsa2021-24","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-24"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-26","reference_id":"mfsa2021-26","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-26"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2021-29964"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wdsq-6fq7-rqgz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1096?format=json","vulnerability_id":"VCID-whxt-hpbp-hfhd","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2812.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2812.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2812","reference_id":"","reference_type":"","scores":[{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70866","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70956","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70969","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00634","scoring_system":"epss","scoring_elements":"0.70966","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2812"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330277","reference_id":"1330277","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1330277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2812","reference_id":"CVE-2016-2812","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2812"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-42","reference_id":"mfsa2016-42","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-42"},{"reference_url":"https://usn.ubuntu.com/2936-1/","reference_id":"USN-2936-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2936-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2812"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-whxt-hpbp-hfhd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7406?format=json","vulnerability_id":"VCID-wpy8-tja9-aqf7","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9818.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9818.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9818","reference_id":"","reference_type":"","scores":[{"value":"0.00351","scoring_system":"epss","scoring_elements":"0.58008","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00351","scoring_system":"epss","scoring_elements":"0.57896","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00351","scoring_system":"epss","scoring_elements":"0.58014","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00351","scoring_system":"epss","scoring_elements":"0.58024","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9818"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1712627","reference_id":"1712627","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1712627"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-13","reference_id":"mfsa2019-13","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-14","reference_id":"mfsa2019-14","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-15","reference_id":"mfsa2019-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-15"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2019-9818"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wpy8-tja9-aqf7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/183548?format=json","vulnerability_id":"VCID-x6nc-pqzh-vyab","summary":"Multiple vulnerabilities have been found in Mozilla Firefox and\n    Thunderbird the worst of which could lead to the execution of arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2827.json","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2827.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2827","reference_id":"","reference_type":"","scores":[{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63979","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.64082","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.64095","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.64092","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2827"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377660","reference_id":"1377660","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1377660"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85","reference_id":"mfsa2016-85","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-85"},{"reference_url":"https://usn.ubuntu.com/3076-1/","reference_id":"USN-3076-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3076-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2827"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x6nc-pqzh-vyab"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/197000?format=json","vulnerability_id":"VCID-x8ur-qphq-sua1","summary":"multiple issues","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5374","reference_id":"","reference_type":"","scores":[{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.83398","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.83459","published_at":"2026-06-12T12:55:00Z"},{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.83468","published_at":"2026-06-13T12:55:00Z"},{"value":"0.01847","scoring_system":"epss","scoring_elements":"0.83465","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5374"},{"reference_url":"https://security.archlinux.org/ASA-201701-39","reference_id":"ASA-201701-39","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-39"},{"reference_url":"https://security.archlinux.org/AVG-157","reference_id":"AVG-157","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-157"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01","reference_id":"mfsa2017-01","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01"},{"reference_url":"https://usn.ubuntu.com/3175-1/","reference_id":"USN-3175-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3175-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2017-5374"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x8ur-qphq-sua1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8695?format=json","vulnerability_id":"VCID-xg6t-s67m-fkhv","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6797.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6797.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-6797","reference_id":"","reference_type":"","scores":[{"value":"0.0061","scoring_system":"epss","scoring_elements":"0.7033","published_at":"2026-06-12T12:55:00Z"},{"value":"0.0061","scoring_system":"epss","scoring_elements":"0.7024","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0061","scoring_system":"epss","scoring_elements":"0.70341","published_at":"2026-06-14T12:55:00Z"},{"value":"0.0061","scoring_system":"epss","scoring_elements":"0.70344","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-6797"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1801917","reference_id":"1801917","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1801917"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-05","reference_id":"mfsa2020-05","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-05"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-06","reference_id":"mfsa2020-06","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-06"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-07","reference_id":"mfsa2020-07","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2020-07"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2020-6797"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xg6t-s67m-fkhv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/12011?format=json","vulnerability_id":"VCID-xpg4-sdv1-2fa7","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31739.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-31739.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-31739","reference_id":"","reference_type":"","scores":[{"value":"0.00531","scoring_system":"epss","scoring_elements":"0.6781","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00531","scoring_system":"epss","scoring_elements":"0.67814","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00531","scoring_system":"epss","scoring_elements":"0.67801","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00531","scoring_system":"epss","scoring_elements":"0.67712","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-31739"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2092022","reference_id":"2092022","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2092022"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-20","reference_id":"mfsa2022-20","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-20"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-20/","reference_id":"mfsa2022-20","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T13:52:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-20/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-21","reference_id":"mfsa2022-21","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-21"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-21/","reference_id":"mfsa2022-21","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T13:52:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-21/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-22","reference_id":"mfsa2022-22","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2022-22"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2022-22/","reference_id":"mfsa2022-22","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T13:52:42Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2022-22/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1765049","reference_id":"show_bug.cgi?id=1765049","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-16T13:52:42Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1765049"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2022-31739"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xpg4-sdv1-2fa7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/25261?format=json","vulnerability_id":"VCID-y3yn-u9a4-duf7","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4084.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4084.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4084","reference_id":"","reference_type":"","scores":[{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40498","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40509","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40486","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40319","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-4084"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2362911","reference_id":"2362911","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2362911"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1949994%2C1956698%2C1960198","reference_id":"buglist.cgi?bug_id=1949994%2C1956698%2C1960198","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:30Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1949994%2C1956698%2C1960198"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-29","reference_id":"mfsa2025-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-29"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-29/","reference_id":"mfsa2025-29","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:30Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-29/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-30","reference_id":"mfsa2025-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-30"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-30/","reference_id":"mfsa2025-30","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:30Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-30/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-32","reference_id":"mfsa2025-32","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2025-32"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2025-32/","reference_id":"mfsa2025-32","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:30Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2025-32/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2025-4084"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y3yn-u9a4-duf7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/212920?format=json","vulnerability_id":"VCID-y4wf-fhdd-ffgm","summary":"If hyperthreading is not disabled, a timing attack vulnerability exists, similar to previous Spectre attacks. Apple has shipped macOS 10.14.5 with an option to disable hyperthreading in applications running untrusted code in a thread through a new sysctl. Firefox now makes use of it on the main thread and any worker threads. *Note: users need to update to macOS 10.14.5 in order to take advantage of this change.*. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9815.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9815.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9815","reference_id":"","reference_type":"","scores":[{"value":"0.00995","scoring_system":"epss","scoring_elements":"0.77363","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00995","scoring_system":"epss","scoring_elements":"0.77432","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00995","scoring_system":"epss","scoring_elements":"0.77447","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00995","scoring_system":"epss","scoring_elements":"0.77438","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9815"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1712624","reference_id":"1712624","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1712624"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-13","reference_id":"mfsa2019-13","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-14","reference_id":"mfsa2019-14","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-15","reference_id":"mfsa2019-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-15"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2019-9815"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y4wf-fhdd-ffgm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/196991?format=json","vulnerability_id":"VCID-z5s7-q73z-4bdr","summary":"multiple issues","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5389","reference_id":"","reference_type":"","scores":[{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59493","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59603","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59614","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59604","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5389"},{"reference_url":"https://security.archlinux.org/ASA-201701-39","reference_id":"ASA-201701-39","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-39"},{"reference_url":"https://security.archlinux.org/AVG-157","reference_id":"AVG-157","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-157"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01","reference_id":"mfsa2017-01","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-01"},{"reference_url":"https://usn.ubuntu.com/3175-1/","reference_id":"USN-3175-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3175-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2017-5389"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z5s7-q73z-4bdr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6557?format=json","vulnerability_id":"VCID-zm7u-xw4t-yugz","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17009.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17009.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-17009","reference_id":"","reference_type":"","scores":[{"value":"0.00136","scoring_system":"epss","scoring_elements":"0.33441","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00136","scoring_system":"epss","scoring_elements":"0.33436","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00136","scoring_system":"epss","scoring_elements":"0.33259","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00136","scoring_system":"epss","scoring_elements":"0.33461","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-17009"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1779433","reference_id":"1779433","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1779433"},{"reference_url":"https://security.archlinux.org/ASA-201912-1","reference_id":"ASA-201912-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201912-1"},{"reference_url":"https://security.archlinux.org/AVG-1071","reference_id":"AVG-1071","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1071"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-36","reference_id":"mfsa2019-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-36"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-37","reference_id":"mfsa2019-37","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-37"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-38","reference_id":"mfsa2019-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-38"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2019-17009"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zm7u-xw4t-yugz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3548?format=json","vulnerability_id":"VCID-zr3g-9q6p-xkgt","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5409","reference_id":"","reference_type":"","scores":[{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.2899","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.28782","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.28983","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29003","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5409"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.5","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:S/C:N/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-05","reference_id":"mfsa2017-05","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-05"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-06","reference_id":"mfsa2017-06","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2017-06"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2017-5409"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zr3g-9q6p-xkgt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6136?format=json","vulnerability_id":"VCID-zt22-sjh9-akfz","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11753.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11753.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11753","reference_id":"","reference_type":"","scores":[{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19828","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19653","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.1982","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19844","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11753"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1748659","reference_id":"1748659","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1748659"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-25","reference_id":"mfsa2019-25","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-26","reference_id":"mfsa2019-26","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-26"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-27","reference_id":"mfsa2019-27","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-27"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2019-11753"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zt22-sjh9-akfz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4639?format=json","vulnerability_id":"VCID-zt28-szym-83ec","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12391.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12391.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12391","reference_id":"","reference_type":"","scores":[{"value":"0.00547","scoring_system":"epss","scoring_elements":"0.68402","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00547","scoring_system":"epss","scoring_elements":"0.68313","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00547","scoring_system":"epss","scoring_elements":"0.6841","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00547","scoring_system":"epss","scoring_elements":"0.68415","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12391"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1642181","reference_id":"1642181","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1642181"},{"reference_url":"https://security.gentoo.org/glsa/201811-13","reference_id":"GLSA-201811-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201811-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2018-26","reference_id":"mfsa2018-26","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2018-26"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2018-27","reference_id":"mfsa2018-27","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2018-27"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2018-28","reference_id":"mfsa2018-28","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2018-28"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2018-12391"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zt28-szym-83ec"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/134633?format=json","vulnerability_id":"VCID-ztv2-2eb6-1ubm","summary":"When downloading files through the Save As dialog on Windows with suggested filenames containing environment variable names, Windows would have resolved those in the context of the current user. <br>*This bug only affects Firefox on Windows. Other versions of Firefox are unaffected.*. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28163.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28163.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-28163","reference_id":"","reference_type":"","scores":[{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.33889","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.33714","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.33892","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.33914","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-28163"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2178468","reference_id":"2178468","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2178468"},{"reference_url":"https://security.gentoo.org/glsa/202305-35","reference_id":"GLSA-202305-35","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-35"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-09","reference_id":"mfsa2023-09","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-09"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-09/","reference_id":"mfsa2023-09","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:17:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-09/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-10","reference_id":"mfsa2023-10","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-10"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-10/","reference_id":"mfsa2023-10","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:17:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-10/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-11","reference_id":"mfsa2023-11","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-11"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-11/","reference_id":"mfsa2023-11","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:17:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-11/"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1817768","reference_id":"show_bug.cgi?id=1817768","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:17:13Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1817768"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-28163"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ztv2-2eb6-1ubm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9948?format=json","vulnerability_id":"VCID-zvqs-sgjx-ckfd","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38510.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38510.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-38510","reference_id":"","reference_type":"","scores":[{"value":"0.00417","scoring_system":"epss","scoring_elements":"0.62285","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00417","scoring_system":"epss","scoring_elements":"0.62291","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00417","scoring_system":"epss","scoring_elements":"0.62296","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00417","scoring_system":"epss","scoring_elements":"0.62183","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-38510"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2019629","reference_id":"2019629","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2019629"},{"reference_url":"https://security.archlinux.org/AVG-2512","reference_id":"AVG-2512","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2512"},{"reference_url":"https://security.archlinux.org/AVG-2519","reference_id":"AVG-2519","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2519"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-48","reference_id":"mfsa2021-48","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-48"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-49","reference_id":"mfsa2021-49","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-49"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-50","reference_id":"mfsa2021-50","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2021-50"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/41799?format=json","purl":"pkg:deb/debian/firefox-esr@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41784?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41782?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41786?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/41785?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zj6v-hmj8-syfy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2021-38510"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zvqs-sgjx-ckfd"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@0%3Fdistro=trixie"}