{"url":"http://public2.vulnerablecode.io/api/packages/432242?format=json","purl":"pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.17&reponame=community","type":"apk","namespace":"alpine","name":"firefox-esr","version":"60.7.0-r0","qualifiers":{"arch":"armhf","distroversion":"v3.17","reponame":"community"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"60.7.1-r0","latest_non_vulnerable_version":"102.1.0-r0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63343?format=json","vulnerability_id":"VCID-2z7p-2uj3-2qfb","summary":"If hyperthreading is not disabled, a timing attack vulnerability exists, similar to previous Spectre attacks. Apple has shipped macOS 10.14.5 with an option to disable hyperthreading in applications running untrusted code in a thread through a new sysctl. Firefox now makes use of it on the main thread and any worker threads. *Note: users need to update to macOS 10.14.5 in order to take advantage of this change.*","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9815.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9815.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9815","reference_id":"","reference_type":"","scores":[{"value":"0.0102","scoring_system":"epss","scoring_elements":"0.7731","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0102","scoring_system":"epss","scoring_elements":"0.77257","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0102","scoring_system":"epss","scoring_elements":"0.7729","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0102","scoring_system":"epss","scoring_elements":"0.77295","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0102","scoring_system":"epss","scoring_elements":"0.77162","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0102","scoring_system":"epss","scoring_elements":"0.77169","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0102","scoring_system":"epss","scoring_elements":"0.77198","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0102","scoring_system":"epss","scoring_elements":"0.77179","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0102","scoring_system":"epss","scoring_elements":"0.77212","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0102","scoring_system":"epss","scoring_elements":"0.7722","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0102","scoring_system":"epss","scoring_elements":"0.77248","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0102","scoring_system":"epss","scoring_elements":"0.77227","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0102","scoring_system":"epss","scoring_elements":"0.77224","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0102","scoring_system":"epss","scoring_elements":"0.77263","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0102","scoring_system":"epss","scoring_elements":"0.77265","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9815"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1712624","reference_id":"1712624","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1712624"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-13","reference_id":"mfsa2019-13","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-14","reference_id":"mfsa2019-14","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-15","reference_id":"mfsa2019-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-15"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/432242?format=json","purl":"pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.17&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@60.7.0-r0%3Farch=armhf&distroversion=v3.17&reponame=community"}],"aliases":["CVE-2019-9815"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2z7p-2uj3-2qfb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63354?format=json","vulnerability_id":"VCID-5zmj-5xkc-zkgc","summary":"A vulnerability exists in the Windows sandbox where an uninitialized value in memory can be leaked to a renderer from a broker when making a call to access an otherwise unavailable file. This results in the potential leaking of information stored at that memory location. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11694.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11694.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11694","reference_id":"","reference_type":"","scores":[{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60602","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60628","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60616","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60601","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60613","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60458","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60534","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.6056","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60529","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60578","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60594","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60618","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60603","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60582","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.60623","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11694"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1712620","reference_id":"1712620","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1712620"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-13","reference_id":"mfsa2019-13","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-14","reference_id":"mfsa2019-14","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-15","reference_id":"mfsa2019-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-15"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/432242?format=json","purl":"pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.17&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@60.7.0-r0%3Farch=armhf&distroversion=v3.17&reponame=community"}],"aliases":["CVE-2019-11694"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5zmj-5xkc-zkgc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63347?format=json","vulnerability_id":"VCID-7ej9-whhw-97hn","summary":"A vulnerability where a JavaScript compartment mismatch can occur while working with the fetch API, resulting in a potentially exploitable crash.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9819.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9819.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9819","reference_id":"","reference_type":"","scores":[{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.68165","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.68077","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.68114","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.68126","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.68109","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.68151","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.6816","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.68014","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.68035","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.68055","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.68033","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.68085","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.68099","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.68124","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.68111","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1712628","reference_id":"1712628","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1712628"},{"reference_url":"https://security.archlinux.org/ASA-201905-8","reference_id":"ASA-201905-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201905-8"},{"reference_url":"https://security.archlinux.org/ASA-201905-9","reference_id":"ASA-201905-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201905-9"},{"reference_url":"https://security.archlinux.org/AVG-965","reference_id":"AVG-965","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-965"},{"reference_url":"https://security.archlinux.org/AVG-966","reference_id":"AVG-966","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-966"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-13","reference_id":"mfsa2019-13","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-14","reference_id":"mfsa2019-14","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-15","reference_id":"mfsa2019-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1265","reference_id":"RHSA-2019:1265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1267","reference_id":"RHSA-2019:1267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1269","reference_id":"RHSA-2019:1269","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1269"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1308","reference_id":"RHSA-2019:1308","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1308"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1309","reference_id":"RHSA-2019:1309","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1309"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1310","reference_id":"RHSA-2019:1310","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1310"},{"reference_url":"https://usn.ubuntu.com/3991-1/","reference_id":"USN-3991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3991-1/"},{"reference_url":"https://usn.ubuntu.com/3997-1/","reference_id":"USN-3997-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3997-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/432242?format=json","purl":"pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.17&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@60.7.0-r0%3Farch=armhf&distroversion=v3.17&reponame=community"}],"aliases":["CVE-2019-9819"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7ej9-whhw-97hn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63346?format=json","vulnerability_id":"VCID-8hgj-7cb6-fbbp","summary":"A race condition is present in the crash generation server used to generate data for the crash reporter. This issue can lead to a use-after-free in the main process, resulting in a potentially exploitable crash and a sandbox escape. *Note: this vulnerability only affects Windows. Other operating systems are unaffected.*","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9818.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9818.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9818","reference_id":"","reference_type":"","scores":[{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56919","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.57009","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.57007","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56917","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56935","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56865","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56962","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56983","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56959","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.5701","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.57012","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.57024","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.57004","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.5698","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9818"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1712627","reference_id":"1712627","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1712627"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-13","reference_id":"mfsa2019-13","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-14","reference_id":"mfsa2019-14","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-15","reference_id":"mfsa2019-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-15"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/432242?format=json","purl":"pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.17&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@60.7.0-r0%3Farch=armhf&distroversion=v3.17&reponame=community"}],"aliases":["CVE-2019-9818"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8hgj-7cb6-fbbp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63348?format=json","vulnerability_id":"VCID-92qb-fqpr-27hm","summary":"A use-after-free vulnerability can occur in the chrome event handler when it is freed while still in use. This results in a potentially exploitable crash.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9820.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9820.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9820","reference_id":"","reference_type":"","scores":[{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.68165","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.68114","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.68126","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.68109","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.68151","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.6816","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.68014","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.68035","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.68055","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.68033","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.68085","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.68099","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.68124","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.68111","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.68077","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9820"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1712629","reference_id":"1712629","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1712629"},{"reference_url":"https://security.archlinux.org/ASA-201905-9","reference_id":"ASA-201905-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201905-9"},{"reference_url":"https://security.archlinux.org/AVG-966","reference_id":"AVG-966","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-966"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-13","reference_id":"mfsa2019-13","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-14","reference_id":"mfsa2019-14","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-15","reference_id":"mfsa2019-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1265","reference_id":"RHSA-2019:1265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1267","reference_id":"RHSA-2019:1267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1269","reference_id":"RHSA-2019:1269","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1269"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1308","reference_id":"RHSA-2019:1308","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1308"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1309","reference_id":"RHSA-2019:1309","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1309"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1310","reference_id":"RHSA-2019:1310","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1310"},{"reference_url":"https://usn.ubuntu.com/3991-1/","reference_id":"USN-3991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3991-1/"},{"reference_url":"https://usn.ubuntu.com/3997-1/","reference_id":"USN-3997-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3997-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/432242?format=json","purl":"pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.17&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@60.7.0-r0%3Farch=armhf&distroversion=v3.17&reponame=community"}],"aliases":["CVE-2019-9820"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-92qb-fqpr-27hm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/10277?format=json","vulnerability_id":"VCID-fx8t-41tv-hkdu","summary":"Use After Free\npng_image_free in png.c in libpng has a use-after-free because png_image_free_function is called under png_safe_execute.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00002.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00029.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00029.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00084.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00084.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00038.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00044.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00044.html"},{"reference_url":"http://packetstormsecurity.com/files/152561/Slackware-Security-Advisory-libpng-Updates.html","reference_id":"","reference_type":"","scores":[],"url":"http://packetstormsecurity.com/files/152561/Slackware-Security-Advisory-libpng-Updates.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7317.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7317.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7317","reference_id":"","reference_type":"","scores":[{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68516","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68444","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.6847","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68458","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68426","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68464","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68477","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68456","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68504","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.6851","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.6836","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68381","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.684","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68376","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00565","scoring_system":"epss","scoring_elements":"0.68427","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7317"},{"reference_url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12803","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12803"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/glennrp/libpng/issues/275","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/glennrp/libpng/issues/275"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/05/msg00032.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/05/msg00032.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/05/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/05/msg00038.html"},{"reference_url":"https://seclists.org/bugtraq/2019/Apr/30","reference_id":"","reference_type":"","scores":[],"url":"https://seclists.org/bugtraq/2019/Apr/30"},{"reference_url":"https://seclists.org/bugtraq/2019/Apr/36","reference_id":"","reference_type":"","scores":[],"url":"https://seclists.org/bugtraq/2019/Apr/36"},{"reference_url":"https://seclists.org/bugtraq/2019/May/56","reference_id":"","reference_type":"","scores":[],"url":"https://seclists.org/bugtraq/2019/May/56"},{"reference_url":"https://seclists.org/bugtraq/2019/May/59","reference_id":"","reference_type":"","scores":[],"url":"https://seclists.org/bugtraq/2019/May/59"},{"reference_url":"https://seclists.org/bugtraq/2019/May/67","reference_id":"","reference_type":"","scores":[],"url":"https://seclists.org/bugtraq/2019/May/67"},{"reference_url":"https://security.gentoo.org/glsa/201908-02","reference_id":"","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201908-02"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190719-0005/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190719-0005/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03977en_us","reference_id":"","reference_type":"","scores":[],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03977en_us"},{"reference_url":"https://www.debian.org/security/2019/dsa-4435","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2019/dsa-4435"},{"reference_url":"https://www.debian.org/security/2019/dsa-4448","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2019/dsa-4448"},{"reference_url":"https://www.debian.org/security/2019/dsa-4451","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2019/dsa-4451"},{"reference_url":"https://www.oracle.com/security-alerts/cpuApr2021.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpuApr2021.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2021.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpuoct2021.html"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"},{"reference_url":"http://www.securityfocus.com/bid/108098","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/108098"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1672409","reference_id":"1672409","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1672409"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921355","reference_id":"921355","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921355"},{"reference_url":"https://security.archlinux.org/ASA-201904-10","reference_id":"ASA-201904-10","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201904-10"},{"reference_url":"https://security.archlinux.org/ASA-201905-8","reference_id":"ASA-201905-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201905-8"},{"reference_url":"https://security.archlinux.org/ASA-201905-9","reference_id":"ASA-201905-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201905-9"},{"reference_url":"https://security.archlinux.org/AVG-868","reference_id":"AVG-868","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-868"},{"reference_url":"https://security.archlinux.org/AVG-965","reference_id":"AVG-965","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-965"},{"reference_url":"https://security.archlinux.org/AVG-966","reference_id":"AVG-966","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-966"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hpe:xp7_command_view_advanced_edition_suite:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:hpe:xp7_command_view_advanced_edition_suite:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hpe:xp7_command_view_advanced_edition_suite:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:xp7_command_view:*:*:*:*:advanced:*:*:*","reference_id":"cpe:2.3:a:hp:xp7_command_view:*:*:*:*:advanced:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:xp7_command_view:*:*:*:*:advanced:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:9.6:*:*:*:*:vmware_vsphere:*:*","reference_id":"cpe:2.3:a:netapp:active_iq_unified_manager:9.6:*:*:*:*:vmware_vsphere:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:9.6:*:*:*:*:vmware_vsphere:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:9.6:*:*:*:*:windows:*:*","reference_id":"cpe:2.3:a:netapp:active_iq_unified_manager:9.6:*:*:*:*:windows:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:9.6:*:*:*:*:windows:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*","reference_id":"cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*","reference_id":"cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_management:-:*:*:*:*:vcenter:*:*","reference_id":"cpe:2.3:a:netapp:e-series_santricity_management:-:*:*:*:*:vcenter:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_management:-:*:*:*:*:vcenter:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_storage_manager:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:e-series_santricity_storage_manager:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_storage_manager:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_unified_manager:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:e-series_santricity_unified_manager:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_unified_manager:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_web_services:*:*:*:*:*:web_services_proxy:*:*","reference_id":"cpe:2.3:a:netapp:e-series_santricity_web_services:*:*:*:*:*:web_services_proxy:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_web_services:*:*:*:*:*:web_services_proxy:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_insight:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:oncommand_insight:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_insight:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:oncommand_workflow_automation:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapmanager:3.4.2:p1:*:*:*:oracle:*:*","reference_id":"cpe:2.3:a:netapp:snapmanager:3.4.2:p1:*:*:*:oracle:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapmanager:3.4.2:p1:*:*:*:oracle:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapmanager:3.4.2:p1:*:*:*:sap:*:*","reference_id":"cpe:2.3:a:netapp:snapmanager:3.4.2:p1:*:*:*:sap:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapmanager:3.4.2:p1:*:*:*:sap:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapmanager:*:*:*:*:*:oracle:*:*","reference_id":"cpe:2.3:a:netapp:snapmanager:*:*:*:*:*:oracle:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapmanager:*:*:*:*:*:oracle:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapmanager:*:*:*:*:*:sap:*:*","reference_id":"cpe:2.3:a:netapp:snapmanager:*:*:*:*:*:sap:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapmanager:*:*:*:*:*:sap:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:steelstore:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:steelstore:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:steelstore:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:package_hub:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:opensuse:package_hub:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:package_hub:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:hyperion_infrastructure_technology:11.2.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:hyperion_infrastructure_technology:11.2.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:hyperion_infrastructure_technology:11.2.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:7u221:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:7u221:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:7u221:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u212:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:8u212:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u212:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:11.0.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jdk:11.0.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:11.0.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:12.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jdk:12.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:12.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7317","reference_id":"CVE-2019-7317","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:N/I:N/A:P"},{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7317"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-13","reference_id":"mfsa2019-13","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-14","reference_id":"mfsa2019-14","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-15","reference_id":"mfsa2019-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1265","reference_id":"RHSA-2019:1265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1267","reference_id":"RHSA-2019:1267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1269","reference_id":"RHSA-2019:1269","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1269"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1308","reference_id":"RHSA-2019:1308","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1308"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1309","reference_id":"RHSA-2019:1309","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1309"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1310","reference_id":"RHSA-2019:1310","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1310"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2494","reference_id":"RHSA-2019:2494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2495","reference_id":"RHSA-2019:2495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2585","reference_id":"RHSA-2019:2585","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2585"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2590","reference_id":"RHSA-2019:2590","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2590"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2592","reference_id":"RHSA-2019:2592","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2592"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2737","reference_id":"RHSA-2019:2737","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2737"},{"reference_url":"https://usn.ubuntu.com/3962-1/","reference_id":"USN-3962-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3962-1/"},{"reference_url":"https://usn.ubuntu.com/3991-1/","reference_id":"USN-3991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3991-1/"},{"reference_url":"https://usn.ubuntu.com/3997-1/","reference_id":"USN-3997-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3997-1/"},{"reference_url":"https://usn.ubuntu.com/4080-1/","reference_id":"USN-4080-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4080-1/"},{"reference_url":"https://usn.ubuntu.com/4083-1/","reference_id":"USN-4083-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4083-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/432242?format=json","purl":"pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.17&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@60.7.0-r0%3Farch=armhf&distroversion=v3.17&reponame=community"}],"aliases":["CVE-2019-7317"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fx8t-41tv-hkdu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63345?format=json","vulnerability_id":"VCID-g3nf-qnz2-h7gg","summary":"Images from a different domain can be read using a canvas object in some circumstances. This could be used to steal image data from a different site in violation of same-origin policy.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9817.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9817.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9817","reference_id":"","reference_type":"","scores":[{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.40769","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.41022","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.41065","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.41035","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.40961","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.40866","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.40853","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.4096","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.41041","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.41073","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.40999","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.41049","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.41056","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.41074","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.41038","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9817"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1712626","reference_id":"1712626","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1712626"},{"reference_url":"https://security.archlinux.org/ASA-201905-8","reference_id":"ASA-201905-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201905-8"},{"reference_url":"https://security.archlinux.org/ASA-201905-9","reference_id":"ASA-201905-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201905-9"},{"reference_url":"https://security.archlinux.org/AVG-965","reference_id":"AVG-965","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-965"},{"reference_url":"https://security.archlinux.org/AVG-966","reference_id":"AVG-966","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-966"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-13","reference_id":"mfsa2019-13","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-14","reference_id":"mfsa2019-14","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-15","reference_id":"mfsa2019-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1265","reference_id":"RHSA-2019:1265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1267","reference_id":"RHSA-2019:1267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1269","reference_id":"RHSA-2019:1269","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1269"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1308","reference_id":"RHSA-2019:1308","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1308"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1309","reference_id":"RHSA-2019:1309","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1309"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1310","reference_id":"RHSA-2019:1310","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1310"},{"reference_url":"https://usn.ubuntu.com/3991-1/","reference_id":"USN-3991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3991-1/"},{"reference_url":"https://usn.ubuntu.com/3997-1/","reference_id":"USN-3997-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3997-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/432242?format=json","purl":"pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.17&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@60.7.0-r0%3Farch=armhf&distroversion=v3.17&reponame=community"}],"aliases":["CVE-2019-9817"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g3nf-qnz2-h7gg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63349?format=json","vulnerability_id":"VCID-k321-r7qq-gbb9","summary":"A use-after-free vulnerability can occur when working with XMLHttpRequest (XHR) in an event loop, causing the XHR main thread to be called after it has been freed. This results in a potentially exploitable crash.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11691.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11691.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11691","reference_id":"","reference_type":"","scores":[{"value":"0.00516","scoring_system":"epss","scoring_elements":"0.66717","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00516","scoring_system":"epss","scoring_elements":"0.66678","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00516","scoring_system":"epss","scoring_elements":"0.66645","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00516","scoring_system":"epss","scoring_elements":"0.6668","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00516","scoring_system":"epss","scoring_elements":"0.66694","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00516","scoring_system":"epss","scoring_elements":"0.66679","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00516","scoring_system":"epss","scoring_elements":"0.66703","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00516","scoring_system":"epss","scoring_elements":"0.66572","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00516","scoring_system":"epss","scoring_elements":"0.66611","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00516","scoring_system":"epss","scoring_elements":"0.66638","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00516","scoring_system":"epss","scoring_elements":"0.66609","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00516","scoring_system":"epss","scoring_elements":"0.66657","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00516","scoring_system":"epss","scoring_elements":"0.66671","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00516","scoring_system":"epss","scoring_elements":"0.6669","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1712617","reference_id":"1712617","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1712617"},{"reference_url":"https://security.archlinux.org/ASA-201905-8","reference_id":"ASA-201905-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201905-8"},{"reference_url":"https://security.archlinux.org/ASA-201905-9","reference_id":"ASA-201905-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201905-9"},{"reference_url":"https://security.archlinux.org/AVG-965","reference_id":"AVG-965","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-965"},{"reference_url":"https://security.archlinux.org/AVG-966","reference_id":"AVG-966","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-966"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-13","reference_id":"mfsa2019-13","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-14","reference_id":"mfsa2019-14","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-15","reference_id":"mfsa2019-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1265","reference_id":"RHSA-2019:1265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1267","reference_id":"RHSA-2019:1267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1269","reference_id":"RHSA-2019:1269","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1269"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1308","reference_id":"RHSA-2019:1308","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1308"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1309","reference_id":"RHSA-2019:1309","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1309"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1310","reference_id":"RHSA-2019:1310","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1310"},{"reference_url":"https://usn.ubuntu.com/3991-1/","reference_id":"USN-3991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3991-1/"},{"reference_url":"https://usn.ubuntu.com/3997-1/","reference_id":"USN-3997-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3997-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/432242?format=json","purl":"pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.17&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@60.7.0-r0%3Farch=armhf&distroversion=v3.17&reponame=community"}],"aliases":["CVE-2019-11691"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k321-r7qq-gbb9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59138?format=json","vulnerability_id":"VCID-k8nw-bn74-6qe5","summary":"Multiple vulnerabilities have been found in Chromium, the worst of\n    which could result in the remote execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5798.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5798.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-5798","reference_id":"","reference_type":"","scores":[{"value":"0.01235","scoring_system":"epss","scoring_elements":"0.79284","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01235","scoring_system":"epss","scoring_elements":"0.79267","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01235","scoring_system":"epss","scoring_elements":"0.79261","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01255","scoring_system":"epss","scoring_elements":"0.79336","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01255","scoring_system":"epss","scoring_elements":"0.79362","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01255","scoring_system":"epss","scoring_elements":"0.79371","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01255","scoring_system":"epss","scoring_elements":"0.7932","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01255","scoring_system":"epss","scoring_elements":"0.79327","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01255","scoring_system":"epss","scoring_elements":"0.7935","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01255","scoring_system":"epss","scoring_elements":"0.79368","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01255","scoring_system":"epss","scoring_elements":"0.794","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01255","scoring_system":"epss","scoring_elements":"0.79398","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01255","scoring_system":"epss","scoring_elements":"0.79402","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01255","scoring_system":"epss","scoring_elements":"0.79395","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01255","scoring_system":"epss","scoring_elements":"0.79379","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-5798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5787","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5787"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5788","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5788"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5789","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5789"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5790","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5790"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5791","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5791"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5794","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5794"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5795","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5795"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5796","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5796"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5799","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5799"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5803","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5803"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5844","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5844"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5845","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5845"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5846","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5846"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1688200","reference_id":"1688200","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1688200"},{"reference_url":"https://security.archlinux.org/ASA-201903-8","reference_id":"ASA-201903-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201903-8"},{"reference_url":"https://security.archlinux.org/ASA-201905-8","reference_id":"ASA-201905-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201905-8"},{"reference_url":"https://security.archlinux.org/AVG-923","reference_id":"AVG-923","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-923"},{"reference_url":"https://security.archlinux.org/AVG-965","reference_id":"AVG-965","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-965"},{"reference_url":"https://security.gentoo.org/glsa/201903-23","reference_id":"GLSA-201903-23","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201903-23"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-14","reference_id":"mfsa2019-14","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-15","reference_id":"mfsa2019-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0708","reference_id":"RHSA-2019:0708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0708"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1265","reference_id":"RHSA-2019:1265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1267","reference_id":"RHSA-2019:1267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1269","reference_id":"RHSA-2019:1269","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1269"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1308","reference_id":"RHSA-2019:1308","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1308"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1309","reference_id":"RHSA-2019:1309","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1309"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1310","reference_id":"RHSA-2019:1310","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1310"},{"reference_url":"https://usn.ubuntu.com/3997-1/","reference_id":"USN-3997-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3997-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/432242?format=json","purl":"pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.17&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@60.7.0-r0%3Farch=armhf&distroversion=v3.17&reponame=community"}],"aliases":["CVE-2019-5798"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k8nw-bn74-6qe5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63353?format=json","vulnerability_id":"VCID-sknm-65ff-4uck","summary":"Cross-origin images can be read from a canvas element in violation of the same-origin policy using the transferFromImageBitmap method.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18511.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18511.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18511","reference_id":"","reference_type":"","scores":[{"value":"0.00802","scoring_system":"epss","scoring_elements":"0.74174","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00802","scoring_system":"epss","scoring_elements":"0.74092","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00802","scoring_system":"epss","scoring_elements":"0.74131","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00802","scoring_system":"epss","scoring_elements":"0.7414","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00802","scoring_system":"epss","scoring_elements":"0.74166","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00802","scoring_system":"epss","scoring_elements":"0.74175","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00802","scoring_system":"epss","scoring_elements":"0.74044","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00802","scoring_system":"epss","scoring_elements":"0.7405","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00802","scoring_system":"epss","scoring_elements":"0.74076","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00802","scoring_system":"epss","scoring_elements":"0.74048","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00802","scoring_system":"epss","scoring_elements":"0.74081","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00802","scoring_system":"epss","scoring_elements":"0.74096","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00802","scoring_system":"epss","scoring_elements":"0.74117","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00802","scoring_system":"epss","scoring_elements":"0.74099","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18511"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1676997","reference_id":"1676997","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1676997"},{"reference_url":"https://security.archlinux.org/ASA-201902-16","reference_id":"ASA-201902-16","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201902-16"},{"reference_url":"https://security.archlinux.org/AVG-896","reference_id":"AVG-896","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-896"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-04","reference_id":"mfsa2019-04","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-04"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-14","reference_id":"mfsa2019-14","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-15","reference_id":"mfsa2019-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1265","reference_id":"RHSA-2019:1265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1267","reference_id":"RHSA-2019:1267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1269","reference_id":"RHSA-2019:1269","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1269"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1308","reference_id":"RHSA-2019:1308","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1308"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1309","reference_id":"RHSA-2019:1309","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1309"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1310","reference_id":"RHSA-2019:1310","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1310"},{"reference_url":"https://usn.ubuntu.com/3896-1/","reference_id":"USN-3896-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3896-1/"},{"reference_url":"https://usn.ubuntu.com/3997-1/","reference_id":"USN-3997-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3997-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/432242?format=json","purl":"pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.17&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@60.7.0-r0%3Farch=armhf&distroversion=v3.17&reponame=community"}],"aliases":["CVE-2018-18511"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sknm-65ff-4uck"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63344?format=json","vulnerability_id":"VCID-sq1u-5jfc-dyh1","summary":"A possible vulnerability exists where type confusion can occur when manipulating JavaScript objects in object groups, allowing for the bypassing of security checks within these groups. *Note: this vulnerability has only been demonstrated with UnboxedObjects, which are disabled by default on all supported releases.*","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9816.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9816.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9816","reference_id":"","reference_type":"","scores":[{"value":"0.38245","scoring_system":"epss","scoring_elements":"0.97242","published_at":"2026-04-29T12:55:00Z"},{"value":"0.38245","scoring_system":"epss","scoring_elements":"0.97226","published_at":"2026-04-12T12:55:00Z"},{"value":"0.38245","scoring_system":"epss","scoring_elements":"0.97227","published_at":"2026-04-13T12:55:00Z"},{"value":"0.38245","scoring_system":"epss","scoring_elements":"0.97235","published_at":"2026-04-16T12:55:00Z"},{"value":"0.38245","scoring_system":"epss","scoring_elements":"0.97237","published_at":"2026-04-18T12:55:00Z"},{"value":"0.38245","scoring_system":"epss","scoring_elements":"0.9724","published_at":"2026-04-24T12:55:00Z"},{"value":"0.38245","scoring_system":"epss","scoring_elements":"0.97241","published_at":"2026-04-26T12:55:00Z"},{"value":"0.38245","scoring_system":"epss","scoring_elements":"0.97199","published_at":"2026-04-01T12:55:00Z"},{"value":"0.38245","scoring_system":"epss","scoring_elements":"0.97205","published_at":"2026-04-02T12:55:00Z"},{"value":"0.38245","scoring_system":"epss","scoring_elements":"0.9721","published_at":"2026-04-04T12:55:00Z"},{"value":"0.38245","scoring_system":"epss","scoring_elements":"0.97211","published_at":"2026-04-07T12:55:00Z"},{"value":"0.38245","scoring_system":"epss","scoring_elements":"0.97221","published_at":"2026-04-08T12:55:00Z"},{"value":"0.38245","scoring_system":"epss","scoring_elements":"0.97222","published_at":"2026-04-09T12:55:00Z"},{"value":"0.38245","scoring_system":"epss","scoring_elements":"0.97225","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9816"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1712625","reference_id":"1712625","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1712625"},{"reference_url":"https://security.archlinux.org/ASA-201905-8","reference_id":"ASA-201905-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201905-8"},{"reference_url":"https://security.archlinux.org/ASA-201905-9","reference_id":"ASA-201905-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201905-9"},{"reference_url":"https://security.archlinux.org/AVG-965","reference_id":"AVG-965","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-965"},{"reference_url":"https://security.archlinux.org/AVG-966","reference_id":"AVG-966","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-966"},{"reference_url":"https://bugs.chromium.org/p/project-zero/issues/detail?id=1808","reference_id":"CVE-2019-9816","reference_type":"exploit","scores":[],"url":"https://bugs.chromium.org/p/project-zero/issues/detail?id=1808"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/46940.txt","reference_id":"CVE-2019-9816","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/46940.txt"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-13","reference_id":"mfsa2019-13","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-14","reference_id":"mfsa2019-14","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-15","reference_id":"mfsa2019-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1265","reference_id":"RHSA-2019:1265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1267","reference_id":"RHSA-2019:1267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1269","reference_id":"RHSA-2019:1269","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1269"},{"reference_url":"https://usn.ubuntu.com/3991-1/","reference_id":"USN-3991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3991-1/"},{"reference_url":"https://usn.ubuntu.com/3997-1/","reference_id":"USN-3997-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3997-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/432242?format=json","purl":"pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.17&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@60.7.0-r0%3Farch=armhf&distroversion=v3.17&reponame=community"}],"aliases":["CVE-2019-9816"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sq1u-5jfc-dyh1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63321?format=json","vulnerability_id":"VCID-tff1-6wkz-jyar","summary":"Cross-origin images can be read in violation of the same-origin policy by exporting an image after using createImageBitmap to read the image and then rendering the resulting bitmap image within a canvas element.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9797.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9797.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9797","reference_id":"","reference_type":"","scores":[{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65167","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65109","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65145","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65155","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65139","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65154","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65024","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65075","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65101","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65065","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65114","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65127","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65146","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65136","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1712622","reference_id":"1712622","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1712622"},{"reference_url":"https://security.archlinux.org/ASA-201903-11","reference_id":"ASA-201903-11","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201903-11"},{"reference_url":"https://security.archlinux.org/AVG-925","reference_id":"AVG-925","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-925"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-07","reference_id":"mfsa2019-07","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-07"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-14","reference_id":"mfsa2019-14","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-15","reference_id":"mfsa2019-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1265","reference_id":"RHSA-2019:1265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1267","reference_id":"RHSA-2019:1267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1269","reference_id":"RHSA-2019:1269","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1269"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1308","reference_id":"RHSA-2019:1308","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1308"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1309","reference_id":"RHSA-2019:1309","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1309"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1310","reference_id":"RHSA-2019:1310","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1310"},{"reference_url":"https://usn.ubuntu.com/3918-1/","reference_id":"USN-3918-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3918-1/"},{"reference_url":"https://usn.ubuntu.com/3918-2/","reference_id":"USN-3918-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3918-2/"},{"reference_url":"https://usn.ubuntu.com/3997-1/","reference_id":"USN-3997-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3997-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/432242?format=json","purl":"pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.17&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@60.7.0-r0%3Farch=armhf&distroversion=v3.17&reponame=community"}],"aliases":["CVE-2019-9797"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tff1-6wkz-jyar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63356?format=json","vulnerability_id":"VCID-tfry-ch3y-fyb1","summary":"Mozilla developers and community members Olli Pettay, Bogdan Tara, Jan de Mooij, Jason Kratzer, Jan Varga, Gary Kwong, Tim Guan-tin Chien, Tyson Smith, Ronald Crane, and Ted Campbell reported memory safety bugs present in Firefox 66 and Firefox ESR 60.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9800.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9800.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9800","reference_id":"","reference_type":"","scores":[{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.68165","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.68077","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.68114","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.68126","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.68109","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.68151","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.6816","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.68014","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.68035","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.68055","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.68033","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.68085","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.68099","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.68124","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.68111","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1712623","reference_id":"1712623","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1712623"},{"reference_url":"https://security.archlinux.org/ASA-201905-8","reference_id":"ASA-201905-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201905-8"},{"reference_url":"https://security.archlinux.org/ASA-201905-9","reference_id":"ASA-201905-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201905-9"},{"reference_url":"https://security.archlinux.org/AVG-965","reference_id":"AVG-965","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-965"},{"reference_url":"https://security.archlinux.org/AVG-966","reference_id":"AVG-966","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-966"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-13","reference_id":"mfsa2019-13","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-14","reference_id":"mfsa2019-14","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-15","reference_id":"mfsa2019-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1265","reference_id":"RHSA-2019:1265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1267","reference_id":"RHSA-2019:1267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1269","reference_id":"RHSA-2019:1269","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1269"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1308","reference_id":"RHSA-2019:1308","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1308"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1309","reference_id":"RHSA-2019:1309","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1309"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1310","reference_id":"RHSA-2019:1310","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1310"},{"reference_url":"https://usn.ubuntu.com/3991-1/","reference_id":"USN-3991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3991-1/"},{"reference_url":"https://usn.ubuntu.com/3997-1/","reference_id":"USN-3997-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3997-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/432242?format=json","purl":"pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.17&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@60.7.0-r0%3Farch=armhf&distroversion=v3.17&reponame=community"}],"aliases":["CVE-2019-9800"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tfry-ch3y-fyb1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63352?format=json","vulnerability_id":"VCID-ugjs-4tca-d3dk","summary":"The bufferdata function in WebGL is vulnerable to a buffer overflow with specific graphics drivers on Linux. This could result in malicious content freezing a tab or triggering a potentially exploitable crash. *Note: this issue only occurs on Linux. Other operating systems are unaffected.*","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11693.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11693.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11693","reference_id":"","reference_type":"","scores":[{"value":"0.00598","scoring_system":"epss","scoring_elements":"0.69497","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00598","scoring_system":"epss","scoring_elements":"0.69401","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00598","scoring_system":"epss","scoring_elements":"0.6944","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00598","scoring_system":"epss","scoring_elements":"0.69451","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00598","scoring_system":"epss","scoring_elements":"0.69433","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00598","scoring_system":"epss","scoring_elements":"0.69484","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00598","scoring_system":"epss","scoring_elements":"0.69491","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00598","scoring_system":"epss","scoring_elements":"0.69333","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00598","scoring_system":"epss","scoring_elements":"0.69345","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00598","scoring_system":"epss","scoring_elements":"0.69362","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00598","scoring_system":"epss","scoring_elements":"0.69342","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00598","scoring_system":"epss","scoring_elements":"0.69392","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00598","scoring_system":"epss","scoring_elements":"0.69408","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00598","scoring_system":"epss","scoring_elements":"0.6943","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00598","scoring_system":"epss","scoring_elements":"0.69415","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1712619","reference_id":"1712619","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1712619"},{"reference_url":"https://security.archlinux.org/ASA-201905-8","reference_id":"ASA-201905-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201905-8"},{"reference_url":"https://security.archlinux.org/ASA-201905-9","reference_id":"ASA-201905-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201905-9"},{"reference_url":"https://security.archlinux.org/AVG-965","reference_id":"AVG-965","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-965"},{"reference_url":"https://security.archlinux.org/AVG-966","reference_id":"AVG-966","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-966"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-13","reference_id":"mfsa2019-13","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-14","reference_id":"mfsa2019-14","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-15","reference_id":"mfsa2019-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1265","reference_id":"RHSA-2019:1265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1267","reference_id":"RHSA-2019:1267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1269","reference_id":"RHSA-2019:1269","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1269"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1308","reference_id":"RHSA-2019:1308","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1308"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1309","reference_id":"RHSA-2019:1309","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1309"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1310","reference_id":"RHSA-2019:1310","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1310"},{"reference_url":"https://usn.ubuntu.com/3991-1/","reference_id":"USN-3991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3991-1/"},{"reference_url":"https://usn.ubuntu.com/3997-1/","reference_id":"USN-3997-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3997-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/432242?format=json","purl":"pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.17&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@60.7.0-r0%3Farch=armhf&distroversion=v3.17&reponame=community"}],"aliases":["CVE-2019-11693"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ugjs-4tca-d3dk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63350?format=json","vulnerability_id":"VCID-vvpm-3zhz-77dm","summary":"A use-after-free vulnerability can occur when listeners are removed from the event listener manager while still in use, resulting in a potentially exploitable crash.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11692.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11692.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11692","reference_id":"","reference_type":"","scores":[{"value":"0.00516","scoring_system":"epss","scoring_elements":"0.66717","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00516","scoring_system":"epss","scoring_elements":"0.66678","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00516","scoring_system":"epss","scoring_elements":"0.66645","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00516","scoring_system":"epss","scoring_elements":"0.6668","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00516","scoring_system":"epss","scoring_elements":"0.66694","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00516","scoring_system":"epss","scoring_elements":"0.66679","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00516","scoring_system":"epss","scoring_elements":"0.66703","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00516","scoring_system":"epss","scoring_elements":"0.66572","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00516","scoring_system":"epss","scoring_elements":"0.66611","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00516","scoring_system":"epss","scoring_elements":"0.66638","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00516","scoring_system":"epss","scoring_elements":"0.66609","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00516","scoring_system":"epss","scoring_elements":"0.66657","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00516","scoring_system":"epss","scoring_elements":"0.66671","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00516","scoring_system":"epss","scoring_elements":"0.6669","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1712618","reference_id":"1712618","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1712618"},{"reference_url":"https://security.archlinux.org/ASA-201905-8","reference_id":"ASA-201905-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201905-8"},{"reference_url":"https://security.archlinux.org/ASA-201905-9","reference_id":"ASA-201905-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201905-9"},{"reference_url":"https://security.archlinux.org/AVG-965","reference_id":"AVG-965","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-965"},{"reference_url":"https://security.archlinux.org/AVG-966","reference_id":"AVG-966","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-966"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-13","reference_id":"mfsa2019-13","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-14","reference_id":"mfsa2019-14","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-15","reference_id":"mfsa2019-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1265","reference_id":"RHSA-2019:1265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1267","reference_id":"RHSA-2019:1267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1269","reference_id":"RHSA-2019:1269","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1269"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1308","reference_id":"RHSA-2019:1308","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1308"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1309","reference_id":"RHSA-2019:1309","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1309"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1310","reference_id":"RHSA-2019:1310","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1310"},{"reference_url":"https://usn.ubuntu.com/3991-1/","reference_id":"USN-3991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3991-1/"},{"reference_url":"https://usn.ubuntu.com/3997-1/","reference_id":"USN-3997-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3997-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/432242?format=json","purl":"pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.17&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@60.7.0-r0%3Farch=armhf&distroversion=v3.17&reponame=community"}],"aliases":["CVE-2019-11692"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vvpm-3zhz-77dm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63355?format=json","vulnerability_id":"VCID-w5hu-w7mu-b3g3","summary":"If a crafted hyperlink is dragged and dropped to the bookmark bar or sidebar and the resulting bookmark is subsequently dragged and dropped into the web content area, an arbitrary query of a user's browser history can be run and transmitted to the content page via drop event data. This allows for the theft of browser history by a malicious site.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11698.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11698.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11698","reference_id":"","reference_type":"","scores":[{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59439","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59437","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.5947","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59477","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.5946","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59434","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59454","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59326","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59399","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59423","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59389","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.5944","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59453","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59472","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59456","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11698"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1712621","reference_id":"1712621","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1712621"},{"reference_url":"https://security.archlinux.org/ASA-201905-8","reference_id":"ASA-201905-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201905-8"},{"reference_url":"https://security.archlinux.org/ASA-201905-9","reference_id":"ASA-201905-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201905-9"},{"reference_url":"https://security.archlinux.org/AVG-965","reference_id":"AVG-965","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-965"},{"reference_url":"https://security.archlinux.org/AVG-966","reference_id":"AVG-966","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-966"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-13","reference_id":"mfsa2019-13","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-13"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-14","reference_id":"mfsa2019-14","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-14"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-15","reference_id":"mfsa2019-15","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1265","reference_id":"RHSA-2019:1265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1267","reference_id":"RHSA-2019:1267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1269","reference_id":"RHSA-2019:1269","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1269"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1308","reference_id":"RHSA-2019:1308","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1308"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1309","reference_id":"RHSA-2019:1309","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1309"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1310","reference_id":"RHSA-2019:1310","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1310"},{"reference_url":"https://usn.ubuntu.com/3991-1/","reference_id":"USN-3991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3991-1/"},{"reference_url":"https://usn.ubuntu.com/3997-1/","reference_id":"USN-3997-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3997-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/432242?format=json","purl":"pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.17&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@60.7.0-r0%3Farch=armhf&distroversion=v3.17&reponame=community"}],"aliases":["CVE-2019-11698"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w5hu-w7mu-b3g3"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@60.7.0-r0%3Farch=armhf&distroversion=v3.17&reponame=community"}