Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/firefox-esr@68.3.0-r0?arch=x86&distroversion=v3.16&reponame=community
Typeapk
Namespacealpine
Namefirefox-esr
Version68.3.0-r0
Qualifiers
arch x86
distroversion v3.16
reponame community
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version68.4.1-r0
Latest_non_vulnerable_version91.12.0-r0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-3819-3qjj-zuh4
vulnerability_id VCID-3819-3qjj-zuh4
summary When using nested workers, a use-after-free could occur during worker destruction. This resulted in a potentially exploitable crash.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17008.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17008.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-17008
reference_id
reference_type
scores
0
value 0.00866
scoring_system epss
scoring_elements 0.75519
published_at 2026-06-09T12:55:00Z
1
value 0.00866
scoring_system epss
scoring_elements 0.75485
published_at 2026-06-04T12:55:00Z
2
value 0.00866
scoring_system epss
scoring_elements 0.75513
published_at 2026-06-05T12:55:00Z
3
value 0.00866
scoring_system epss
scoring_elements 0.75517
published_at 2026-06-06T12:55:00Z
4
value 0.00866
scoring_system epss
scoring_elements 0.75507
published_at 2026-06-07T12:55:00Z
5
value 0.00866
scoring_system epss
scoring_elements 0.75494
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-17008
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17005
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17005
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17008
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17008
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17010
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17010
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17011
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17011
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17012
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17012
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1779431
reference_id 1779431
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1779431
9
reference_url https://security.archlinux.org/ASA-201912-1
reference_id ASA-201912-1
reference_type
scores
url https://security.archlinux.org/ASA-201912-1
10
reference_url https://security.archlinux.org/ASA-201912-2
reference_id ASA-201912-2
reference_type
scores
url https://security.archlinux.org/ASA-201912-2
11
reference_url https://security.archlinux.org/AVG-1071
reference_id AVG-1071
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1071
12
reference_url https://security.archlinux.org/AVG-1072
reference_id AVG-1072
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1072
13
reference_url https://security.gentoo.org/glsa/202003-02
reference_id GLSA-202003-02
reference_type
scores
url https://security.gentoo.org/glsa/202003-02
14
reference_url https://security.gentoo.org/glsa/202003-10
reference_id GLSA-202003-10
reference_type
scores
url https://security.gentoo.org/glsa/202003-10
15
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-36
reference_id mfsa2019-36
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-36
16
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-37
reference_id mfsa2019-37
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-37
17
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-38
reference_id mfsa2019-38
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-38
18
reference_url https://access.redhat.com/errata/RHSA-2019:4107
reference_id RHSA-2019:4107
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4107
19
reference_url https://access.redhat.com/errata/RHSA-2019:4108
reference_id RHSA-2019:4108
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4108
20
reference_url https://access.redhat.com/errata/RHSA-2019:4111
reference_id RHSA-2019:4111
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4111
21
reference_url https://access.redhat.com/errata/RHSA-2019:4148
reference_id RHSA-2019:4148
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4148
22
reference_url https://access.redhat.com/errata/RHSA-2019:4195
reference_id RHSA-2019:4195
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4195
23
reference_url https://access.redhat.com/errata/RHSA-2019:4205
reference_id RHSA-2019:4205
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4205
24
reference_url https://access.redhat.com/errata/RHSA-2020:0292
reference_id RHSA-2020:0292
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0292
25
reference_url https://access.redhat.com/errata/RHSA-2020:0295
reference_id RHSA-2020:0295
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0295
26
reference_url https://usn.ubuntu.com/4216-1/
reference_id USN-4216-1
reference_type
scores
url https://usn.ubuntu.com/4216-1/
27
reference_url https://usn.ubuntu.com/4216-2/
reference_id USN-4216-2
reference_type
scores
url https://usn.ubuntu.com/4216-2/
28
reference_url https://usn.ubuntu.com/4241-1/
reference_id USN-4241-1
reference_type
scores
url https://usn.ubuntu.com/4241-1/
fixed_packages
0
url pkg:apk/alpine/firefox-esr@68.3.0-r0?arch=x86&distroversion=v3.16&reponame=community
purl pkg:apk/alpine/firefox-esr@68.3.0-r0?arch=x86&distroversion=v3.16&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@68.3.0-r0%3Farch=x86&distroversion=v3.16&reponame=community
aliases CVE-2019-17008
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3819-3qjj-zuh4
1
url VCID-7xpb-r1ud-bfe9
vulnerability_id VCID-7xpb-r1ud-bfe9
summary Mozilla developers Christoph Diehl, Nathan Froyd, Jason Kratzer, Christian Holler, Karl Tomlinson, Tyson Smith reported memory safety bugs present in Firefox 70 and Firefox ESR 68.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17012.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17012.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-17012
reference_id
reference_type
scores
0
value 0.0185
scoring_system epss
scoring_elements 0.8338
published_at 2026-06-09T12:55:00Z
1
value 0.0185
scoring_system epss
scoring_elements 0.83352
published_at 2026-06-04T12:55:00Z
2
value 0.0185
scoring_system epss
scoring_elements 0.83376
published_at 2026-06-05T12:55:00Z
3
value 0.0185
scoring_system epss
scoring_elements 0.83378
published_at 2026-06-06T12:55:00Z
4
value 0.0185
scoring_system epss
scoring_elements 0.83374
published_at 2026-06-07T12:55:00Z
5
value 0.0185
scoring_system epss
scoring_elements 0.83367
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-17012
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17005
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17005
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17008
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17008
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17010
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17010
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17011
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17011
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17012
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17012
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1779437
reference_id 1779437
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1779437
9
reference_url https://security.archlinux.org/ASA-201912-1
reference_id ASA-201912-1
reference_type
scores
url https://security.archlinux.org/ASA-201912-1
10
reference_url https://security.archlinux.org/ASA-201912-2
reference_id ASA-201912-2
reference_type
scores
url https://security.archlinux.org/ASA-201912-2
11
reference_url https://security.archlinux.org/AVG-1071
reference_id AVG-1071
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1071
12
reference_url https://security.archlinux.org/AVG-1072
reference_id AVG-1072
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1072
13
reference_url https://security.gentoo.org/glsa/202003-02
reference_id GLSA-202003-02
reference_type
scores
url https://security.gentoo.org/glsa/202003-02
14
reference_url https://security.gentoo.org/glsa/202003-10
reference_id GLSA-202003-10
reference_type
scores
url https://security.gentoo.org/glsa/202003-10
15
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-36
reference_id mfsa2019-36
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-36
16
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-37
reference_id mfsa2019-37
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-37
17
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-38
reference_id mfsa2019-38
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-38
18
reference_url https://access.redhat.com/errata/RHSA-2019:4107
reference_id RHSA-2019:4107
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4107
19
reference_url https://access.redhat.com/errata/RHSA-2019:4108
reference_id RHSA-2019:4108
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4108
20
reference_url https://access.redhat.com/errata/RHSA-2019:4111
reference_id RHSA-2019:4111
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4111
21
reference_url https://access.redhat.com/errata/RHSA-2019:4148
reference_id RHSA-2019:4148
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4148
22
reference_url https://access.redhat.com/errata/RHSA-2019:4195
reference_id RHSA-2019:4195
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4195
23
reference_url https://access.redhat.com/errata/RHSA-2019:4205
reference_id RHSA-2019:4205
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4205
24
reference_url https://access.redhat.com/errata/RHSA-2020:0292
reference_id RHSA-2020:0292
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0292
25
reference_url https://access.redhat.com/errata/RHSA-2020:0295
reference_id RHSA-2020:0295
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0295
26
reference_url https://usn.ubuntu.com/4216-1/
reference_id USN-4216-1
reference_type
scores
url https://usn.ubuntu.com/4216-1/
27
reference_url https://usn.ubuntu.com/4216-2/
reference_id USN-4216-2
reference_type
scores
url https://usn.ubuntu.com/4216-2/
28
reference_url https://usn.ubuntu.com/4241-1/
reference_id USN-4241-1
reference_type
scores
url https://usn.ubuntu.com/4241-1/
fixed_packages
0
url pkg:apk/alpine/firefox-esr@68.3.0-r0?arch=x86&distroversion=v3.16&reponame=community
purl pkg:apk/alpine/firefox-esr@68.3.0-r0?arch=x86&distroversion=v3.16&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@68.3.0-r0%3Farch=x86&distroversion=v3.16&reponame=community
aliases CVE-2019-17012
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7xpb-r1ud-bfe9
2
url VCID-b3cr-fa8q-m7bw
vulnerability_id VCID-b3cr-fa8q-m7bw
summary Under certain conditions, when checking the Resist Fingerprinting preference during device orientation checks, a race condition could have caused a use-after-free and a potentially exploitable crash.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17010.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17010.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-17010
reference_id
reference_type
scores
0
value 0.01141
scoring_system epss
scoring_elements 0.78789
published_at 2026-06-09T12:55:00Z
1
value 0.01141
scoring_system epss
scoring_elements 0.78759
published_at 2026-06-04T12:55:00Z
2
value 0.01141
scoring_system epss
scoring_elements 0.78785
published_at 2026-06-05T12:55:00Z
3
value 0.01141
scoring_system epss
scoring_elements 0.78792
published_at 2026-06-06T12:55:00Z
4
value 0.01141
scoring_system epss
scoring_elements 0.78782
published_at 2026-06-07T12:55:00Z
5
value 0.01141
scoring_system epss
scoring_elements 0.78771
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-17010
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17005
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17005
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17008
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17008
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17010
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17010
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17011
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17011
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17012
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17012
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1779434
reference_id 1779434
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1779434
9
reference_url https://security.archlinux.org/ASA-201912-1
reference_id ASA-201912-1
reference_type
scores
url https://security.archlinux.org/ASA-201912-1
10
reference_url https://security.archlinux.org/ASA-201912-2
reference_id ASA-201912-2
reference_type
scores
url https://security.archlinux.org/ASA-201912-2
11
reference_url https://security.archlinux.org/AVG-1071
reference_id AVG-1071
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1071
12
reference_url https://security.archlinux.org/AVG-1072
reference_id AVG-1072
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1072
13
reference_url https://security.gentoo.org/glsa/202003-02
reference_id GLSA-202003-02
reference_type
scores
url https://security.gentoo.org/glsa/202003-02
14
reference_url https://security.gentoo.org/glsa/202003-10
reference_id GLSA-202003-10
reference_type
scores
url https://security.gentoo.org/glsa/202003-10
15
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-36
reference_id mfsa2019-36
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-36
16
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-37
reference_id mfsa2019-37
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-37
17
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-38
reference_id mfsa2019-38
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-38
18
reference_url https://access.redhat.com/errata/RHSA-2019:4107
reference_id RHSA-2019:4107
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4107
19
reference_url https://access.redhat.com/errata/RHSA-2019:4108
reference_id RHSA-2019:4108
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4108
20
reference_url https://access.redhat.com/errata/RHSA-2019:4111
reference_id RHSA-2019:4111
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4111
21
reference_url https://access.redhat.com/errata/RHSA-2019:4148
reference_id RHSA-2019:4148
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4148
22
reference_url https://access.redhat.com/errata/RHSA-2019:4195
reference_id RHSA-2019:4195
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4195
23
reference_url https://access.redhat.com/errata/RHSA-2019:4205
reference_id RHSA-2019:4205
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4205
24
reference_url https://access.redhat.com/errata/RHSA-2020:0292
reference_id RHSA-2020:0292
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0292
25
reference_url https://access.redhat.com/errata/RHSA-2020:0295
reference_id RHSA-2020:0295
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0295
26
reference_url https://usn.ubuntu.com/4216-1/
reference_id USN-4216-1
reference_type
scores
url https://usn.ubuntu.com/4216-1/
27
reference_url https://usn.ubuntu.com/4216-2/
reference_id USN-4216-2
reference_type
scores
url https://usn.ubuntu.com/4216-2/
28
reference_url https://usn.ubuntu.com/4241-1/
reference_id USN-4241-1
reference_type
scores
url https://usn.ubuntu.com/4241-1/
fixed_packages
0
url pkg:apk/alpine/firefox-esr@68.3.0-r0?arch=x86&distroversion=v3.16&reponame=community
purl pkg:apk/alpine/firefox-esr@68.3.0-r0?arch=x86&distroversion=v3.16&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@68.3.0-r0%3Farch=x86&distroversion=v3.16&reponame=community
aliases CVE-2019-17010
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b3cr-fa8q-m7bw
3
url VCID-bpz1-86sf-5ygu
vulnerability_id VCID-bpz1-86sf-5ygu
summary Under certain conditions, when retrieving a document from a DocShell in the antitracking code, a race condition could cause a use-after-free condition and a potentially exploitable crash.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17011.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17011.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-17011
reference_id
reference_type
scores
0
value 0.01141
scoring_system epss
scoring_elements 0.78789
published_at 2026-06-09T12:55:00Z
1
value 0.01141
scoring_system epss
scoring_elements 0.78759
published_at 2026-06-04T12:55:00Z
2
value 0.01141
scoring_system epss
scoring_elements 0.78785
published_at 2026-06-05T12:55:00Z
3
value 0.01141
scoring_system epss
scoring_elements 0.78792
published_at 2026-06-06T12:55:00Z
4
value 0.01141
scoring_system epss
scoring_elements 0.78782
published_at 2026-06-07T12:55:00Z
5
value 0.01141
scoring_system epss
scoring_elements 0.78771
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-17011
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17005
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17005
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17008
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17008
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17010
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17010
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17011
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17011
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17012
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17012
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1779436
reference_id 1779436
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1779436
9
reference_url https://security.archlinux.org/ASA-201912-1
reference_id ASA-201912-1
reference_type
scores
url https://security.archlinux.org/ASA-201912-1
10
reference_url https://security.archlinux.org/ASA-201912-2
reference_id ASA-201912-2
reference_type
scores
url https://security.archlinux.org/ASA-201912-2
11
reference_url https://security.archlinux.org/AVG-1071
reference_id AVG-1071
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1071
12
reference_url https://security.archlinux.org/AVG-1072
reference_id AVG-1072
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1072
13
reference_url https://security.gentoo.org/glsa/202003-02
reference_id GLSA-202003-02
reference_type
scores
url https://security.gentoo.org/glsa/202003-02
14
reference_url https://security.gentoo.org/glsa/202003-10
reference_id GLSA-202003-10
reference_type
scores
url https://security.gentoo.org/glsa/202003-10
15
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-36
reference_id mfsa2019-36
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-36
16
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-37
reference_id mfsa2019-37
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-37
17
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-38
reference_id mfsa2019-38
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-38
18
reference_url https://access.redhat.com/errata/RHSA-2019:4107
reference_id RHSA-2019:4107
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4107
19
reference_url https://access.redhat.com/errata/RHSA-2019:4108
reference_id RHSA-2019:4108
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4108
20
reference_url https://access.redhat.com/errata/RHSA-2019:4111
reference_id RHSA-2019:4111
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4111
21
reference_url https://access.redhat.com/errata/RHSA-2019:4148
reference_id RHSA-2019:4148
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4148
22
reference_url https://access.redhat.com/errata/RHSA-2019:4195
reference_id RHSA-2019:4195
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4195
23
reference_url https://access.redhat.com/errata/RHSA-2019:4205
reference_id RHSA-2019:4205
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4205
24
reference_url https://access.redhat.com/errata/RHSA-2020:0292
reference_id RHSA-2020:0292
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0292
25
reference_url https://access.redhat.com/errata/RHSA-2020:0295
reference_id RHSA-2020:0295
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0295
26
reference_url https://usn.ubuntu.com/4216-1/
reference_id USN-4216-1
reference_type
scores
url https://usn.ubuntu.com/4216-1/
27
reference_url https://usn.ubuntu.com/4216-2/
reference_id USN-4216-2
reference_type
scores
url https://usn.ubuntu.com/4216-2/
28
reference_url https://usn.ubuntu.com/4241-1/
reference_id USN-4241-1
reference_type
scores
url https://usn.ubuntu.com/4241-1/
fixed_packages
0
url pkg:apk/alpine/firefox-esr@68.3.0-r0?arch=x86&distroversion=v3.16&reponame=community
purl pkg:apk/alpine/firefox-esr@68.3.0-r0?arch=x86&distroversion=v3.16&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@68.3.0-r0%3Farch=x86&distroversion=v3.16&reponame=community
aliases CVE-2019-17011
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bpz1-86sf-5ygu
4
url VCID-d82e-qy3k-uuaa
vulnerability_id VCID-d82e-qy3k-uuaa
summary The plain text serializer used a fixed-size array for the number of elements it could process; however it was possible to overflow the static-sized array leading to memory corruption and a potentially exploitable crash.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17005.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17005.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-17005
reference_id
reference_type
scores
0
value 0.02469
scoring_system epss
scoring_elements 0.85564
published_at 2026-06-09T12:55:00Z
1
value 0.02469
scoring_system epss
scoring_elements 0.85541
published_at 2026-06-04T12:55:00Z
2
value 0.02469
scoring_system epss
scoring_elements 0.85563
published_at 2026-06-05T12:55:00Z
3
value 0.02469
scoring_system epss
scoring_elements 0.85568
published_at 2026-06-06T12:55:00Z
4
value 0.02469
scoring_system epss
scoring_elements 0.85565
published_at 2026-06-07T12:55:00Z
5
value 0.02469
scoring_system epss
scoring_elements 0.8555
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-17005
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17005
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17005
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17008
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17008
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17010
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17010
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17011
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17011
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17012
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17012
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1779435
reference_id 1779435
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1779435
9
reference_url https://security.archlinux.org/ASA-201912-1
reference_id ASA-201912-1
reference_type
scores
url https://security.archlinux.org/ASA-201912-1
10
reference_url https://security.archlinux.org/ASA-201912-2
reference_id ASA-201912-2
reference_type
scores
url https://security.archlinux.org/ASA-201912-2
11
reference_url https://security.archlinux.org/AVG-1071
reference_id AVG-1071
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1071
12
reference_url https://security.archlinux.org/AVG-1072
reference_id AVG-1072
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1072
13
reference_url https://security.gentoo.org/glsa/202003-02
reference_id GLSA-202003-02
reference_type
scores
url https://security.gentoo.org/glsa/202003-02
14
reference_url https://security.gentoo.org/glsa/202003-10
reference_id GLSA-202003-10
reference_type
scores
url https://security.gentoo.org/glsa/202003-10
15
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-36
reference_id mfsa2019-36
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-36
16
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-37
reference_id mfsa2019-37
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-37
17
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-38
reference_id mfsa2019-38
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-38
18
reference_url https://access.redhat.com/errata/RHSA-2019:4107
reference_id RHSA-2019:4107
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4107
19
reference_url https://access.redhat.com/errata/RHSA-2019:4108
reference_id RHSA-2019:4108
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4108
20
reference_url https://access.redhat.com/errata/RHSA-2019:4111
reference_id RHSA-2019:4111
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4111
21
reference_url https://access.redhat.com/errata/RHSA-2019:4148
reference_id RHSA-2019:4148
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4148
22
reference_url https://access.redhat.com/errata/RHSA-2019:4195
reference_id RHSA-2019:4195
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4195
23
reference_url https://access.redhat.com/errata/RHSA-2019:4205
reference_id RHSA-2019:4205
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4205
24
reference_url https://access.redhat.com/errata/RHSA-2020:0292
reference_id RHSA-2020:0292
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0292
25
reference_url https://access.redhat.com/errata/RHSA-2020:0295
reference_id RHSA-2020:0295
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0295
26
reference_url https://usn.ubuntu.com/4216-1/
reference_id USN-4216-1
reference_type
scores
url https://usn.ubuntu.com/4216-1/
27
reference_url https://usn.ubuntu.com/4216-2/
reference_id USN-4216-2
reference_type
scores
url https://usn.ubuntu.com/4216-2/
28
reference_url https://usn.ubuntu.com/4241-1/
reference_id USN-4241-1
reference_type
scores
url https://usn.ubuntu.com/4241-1/
fixed_packages
0
url pkg:apk/alpine/firefox-esr@68.3.0-r0?arch=x86&distroversion=v3.16&reponame=community
purl pkg:apk/alpine/firefox-esr@68.3.0-r0?arch=x86&distroversion=v3.16&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@68.3.0-r0%3Farch=x86&distroversion=v3.16&reponame=community
aliases CVE-2019-17005
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d82e-qy3k-uuaa
5
url VCID-esk6-m4j8-3yf9
vulnerability_id VCID-esk6-m4j8-3yf9
summary When running, the updater service wrote status and log files to an unrestricted location; potentially allowing an unprivileged process to locate and exploit a vulnerability in file handling in the updater service. *Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.*
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17009.json
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17009.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-17009
reference_id
reference_type
scores
0
value 0.00136
scoring_system epss
scoring_elements 0.3322
published_at 2026-06-09T12:55:00Z
1
value 0.00136
scoring_system epss
scoring_elements 0.332
published_at 2026-06-08T12:55:00Z
2
value 0.00136
scoring_system epss
scoring_elements 0.33255
published_at 2026-06-05T12:55:00Z
3
value 0.00136
scoring_system epss
scoring_elements 0.33153
published_at 2026-06-04T12:55:00Z
4
value 0.00136
scoring_system epss
scoring_elements 0.3327
published_at 2026-06-06T12:55:00Z
5
value 0.00136
scoring_system epss
scoring_elements 0.33233
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-17009
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1779433
reference_id 1779433
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1779433
4
reference_url https://security.archlinux.org/ASA-201912-1
reference_id ASA-201912-1
reference_type
scores
url https://security.archlinux.org/ASA-201912-1
5
reference_url https://security.archlinux.org/AVG-1071
reference_id AVG-1071
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1071
6
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-36
reference_id mfsa2019-36
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-36
7
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-37
reference_id mfsa2019-37
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-37
8
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-38
reference_id mfsa2019-38
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-38
fixed_packages
0
url pkg:apk/alpine/firefox-esr@68.3.0-r0?arch=x86&distroversion=v3.16&reponame=community
purl pkg:apk/alpine/firefox-esr@68.3.0-r0?arch=x86&distroversion=v3.16&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@68.3.0-r0%3Farch=x86&distroversion=v3.16&reponame=community
aliases CVE-2019-17009
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-esk6-m4j8-3yf9
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@68.3.0-r0%3Farch=x86&distroversion=v3.16&reponame=community