Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/4690?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/4690?format=api", "purl": "pkg:ebuild/www-client/firefox@102.10.0", "type": "ebuild", "namespace": "www-client", "name": "firefox", "version": "102.10.0", "qualifiers": {}, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "103.0", "latest_non_vulnerable_version": "137.0.1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/14929?format=api", "vulnerability_id": "VCID-146p-gdus-sbh1", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0767.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0767.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-0767", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48393", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-0767" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170377", "reference_id": "2170377", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170377" }, { "reference_url": "https://alas.aws.amazon.com/AL2/ALAS-2023-1992.html", "reference_id": "ALAS-2023-1992.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:56Z/" } ], "url": "https://alas.aws.amazon.com/AL2/ALAS-2023-1992.html" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-05/", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-06/", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-06/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-07/", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-07/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1252", "reference_id": "RHSA-2023:1252", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1252" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1332", "reference_id": "RHSA-2023:1332", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1332" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1365", "reference_id": "RHSA-2023:1365", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1365" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1366", "reference_id": "RHSA-2023:1366", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1366" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1368", "reference_id": "RHSA-2023:1368", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1368" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1369", "reference_id": "RHSA-2023:1369", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1369" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1370", "reference_id": "RHSA-2023:1370", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1370" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1406", "reference_id": "RHSA-2023:1406", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1406" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1436", "reference_id": "RHSA-2023:1436", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1436" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1442", "reference_id": "RHSA-2023:1442", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1442" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1443", "reference_id": "RHSA-2023:1443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1443" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1444", "reference_id": "RHSA-2023:1444", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1444" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1445", "reference_id": "RHSA-2023:1445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1472", "reference_id": "RHSA-2023:1472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1479", "reference_id": "RHSA-2023:1479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1677", "reference_id": "RHSA-2023:1677", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1677" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1804640", "reference_id": "show_bug.cgi?id=1804640", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:56Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1804640" }, { "reference_url": "https://usn.ubuntu.com/5880-1/", "reference_id": "USN-5880-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5880-1/" }, { "reference_url": "https://usn.ubuntu.com/5892-1/", "reference_id": "USN-5892-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5892-1/" }, { "reference_url": "https://usn.ubuntu.com/5892-2/", "reference_id": "USN-5892-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5892-2/" }, { "reference_url": "https://usn.ubuntu.com/5943-1/", "reference_id": "USN-5943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5943-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4690?format=api", "purl": "pkg:ebuild/www-client/firefox@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@102.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/4691?format=api", "purl": "pkg:ebuild/www-client/firefox@112.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@112.0" } ], "aliases": [ "CVE-2023-0767" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-146p-gdus-sbh1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/129303?format=api", "vulnerability_id": "VCID-168h-jmc7-h3c7", "summary": "Under certain circumstances, a ServiceWorker's offline cache may have leaked to the file system when using private browsing mode. This vulnerability affects Firefox < 111.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25750", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00279", "scoring_system": "epss", "scoring_elements": "0.5163", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25750" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-09", "reference_id": "mfsa2023-09", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-09" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-09/", "reference_id": "mfsa2023-09", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T18:47:41Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-09/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1814733", "reference_id": "show_bug.cgi?id=1814733", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T18:47:41Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1814733" }, { "reference_url": "https://usn.ubuntu.com/5954-1/", "reference_id": "USN-5954-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5954-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4690?format=api", "purl": "pkg:ebuild/www-client/firefox@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@102.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/4691?format=api", "purl": "pkg:ebuild/www-client/firefox@112.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@112.0" } ], "aliases": [ "CVE-2023-25750" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-168h-jmc7-h3c7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/129105?format=api", "vulnerability_id": "VCID-2hsy-7yvg-27fb", "summary": "Module load requests that failed were not being checked as to whether or not they were cancelled causing a use-after-free in <code>ScriptLoadContext</code>. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25739.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25739.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25739", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.43245", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25739" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170381", "reference_id": "2170381", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170381" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-05/", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:05:46Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-06/", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:05:46Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-06/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-07/", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:05:46Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-07/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0805", "reference_id": "RHSA-2023:0805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0806", "reference_id": "RHSA-2023:0806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0807", "reference_id": "RHSA-2023:0807", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0807" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0808", "reference_id": "RHSA-2023:0808", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0808" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0809", "reference_id": "RHSA-2023:0809", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0809" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0810", "reference_id": "RHSA-2023:0810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0810" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0811", "reference_id": "RHSA-2023:0811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0811" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0812", "reference_id": "RHSA-2023:0812", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0812" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0817", "reference_id": "RHSA-2023:0817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0818", "reference_id": "RHSA-2023:0818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0819", "reference_id": "RHSA-2023:0819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0820", "reference_id": "RHSA-2023:0820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0821", "reference_id": "RHSA-2023:0821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0822", "reference_id": "RHSA-2023:0822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0823", "reference_id": "RHSA-2023:0823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0824", "reference_id": "RHSA-2023:0824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0824" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1811939", "reference_id": "show_bug.cgi?id=1811939", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:05:46Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1811939" }, { "reference_url": "https://usn.ubuntu.com/5880-1/", "reference_id": "USN-5880-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5880-1/" }, { "reference_url": "https://usn.ubuntu.com/5943-1/", "reference_id": "USN-5943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5943-1/" }, { "reference_url": "https://usn.ubuntu.com/6120-1/", "reference_id": "USN-6120-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6120-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4690?format=api", "purl": "pkg:ebuild/www-client/firefox@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@102.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/4691?format=api", "purl": "pkg:ebuild/www-client/firefox@112.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@112.0" } ], "aliases": [ "CVE-2023-25739" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2hsy-7yvg-27fb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/129174?format=api", "vulnerability_id": "VCID-2uhf-ar3k-4qdr", "summary": "When importing a SPKI RSA public key as ECDSA P-256, the key would be handled incorrectly causing the tab to crash. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25742.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25742.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25742", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31191", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170390", "reference_id": "2170390", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170390" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-05/", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:15:37Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-06/", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:15:37Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-06/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-07/", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:15:37Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-07/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0805", "reference_id": "RHSA-2023:0805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0806", "reference_id": "RHSA-2023:0806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0807", "reference_id": "RHSA-2023:0807", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0807" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0808", "reference_id": "RHSA-2023:0808", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0808" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0809", "reference_id": "RHSA-2023:0809", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0809" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0810", "reference_id": "RHSA-2023:0810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0810" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0811", "reference_id": "RHSA-2023:0811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0811" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0812", "reference_id": "RHSA-2023:0812", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0812" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0817", "reference_id": "RHSA-2023:0817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0818", "reference_id": "RHSA-2023:0818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0819", "reference_id": "RHSA-2023:0819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0820", "reference_id": "RHSA-2023:0820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0821", "reference_id": "RHSA-2023:0821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0822", "reference_id": "RHSA-2023:0822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0823", "reference_id": "RHSA-2023:0823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0824", "reference_id": "RHSA-2023:0824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0824" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1813424", "reference_id": "show_bug.cgi?id=1813424", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:15:37Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1813424" }, { "reference_url": "https://usn.ubuntu.com/5880-1/", "reference_id": "USN-5880-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5880-1/" }, { "reference_url": "https://usn.ubuntu.com/5943-1/", "reference_id": "USN-5943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5943-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4690?format=api", "purl": "pkg:ebuild/www-client/firefox@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@102.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/4691?format=api", "purl": "pkg:ebuild/www-client/firefox@112.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@112.0" } ], "aliases": [ "CVE-2023-25742" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2uhf-ar3k-4qdr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15022?format=api", "vulnerability_id": "VCID-487h-jn1c-a3am", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1999.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1999.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-1999", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.58031", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-1999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035371", "reference_id": "1035371", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035371" }, { "reference_url": "https://security.gentoo.org/glsa/202309-05", "reference_id": "202309-05", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:14:09Z/" } ], "url": "https://security.gentoo.org/glsa/202309-05" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186102", "reference_id": "2186102", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186102" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1999", "reference_id": "CVE-2023-1999", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1999" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://chromium.googlesource.com/webm/libwebp", "reference_id": "libwebp", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:14:09Z/" } ], "url": "https://chromium.googlesource.com/webm/libwebp" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14", "reference_id": "mfsa2023-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15", "reference_id": "mfsa2023-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1785", "reference_id": "RHSA-2023:1785", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1785" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1786", "reference_id": "RHSA-2023:1786", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1786" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1787", "reference_id": "RHSA-2023:1787", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1787" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1788", "reference_id": "RHSA-2023:1788", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1788" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1789", "reference_id": "RHSA-2023:1789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1790", "reference_id": "RHSA-2023:1790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1791", "reference_id": "RHSA-2023:1791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1792", "reference_id": "RHSA-2023:1792", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1792" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1802", "reference_id": "RHSA-2023:1802", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1802" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1803", "reference_id": "RHSA-2023:1803", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1803" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1804", "reference_id": "RHSA-2023:1804", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1804" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1805", "reference_id": "RHSA-2023:1805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1806", "reference_id": "RHSA-2023:1806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1809", "reference_id": "RHSA-2023:1809", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1809" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1810", "reference_id": "RHSA-2023:1810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1810" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1811", "reference_id": "RHSA-2023:1811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1811" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2072", "reference_id": "RHSA-2023:2072", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2072" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2073", "reference_id": "RHSA-2023:2073", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2073" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2075", "reference_id": "RHSA-2023:2075", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2075" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2076", "reference_id": "RHSA-2023:2076", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2076" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2077", "reference_id": "RHSA-2023:2077", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2077" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2078", "reference_id": "RHSA-2023:2078", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2078" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2084", "reference_id": "RHSA-2023:2084", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2084" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2085", "reference_id": "RHSA-2023:2085", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2085" }, { "reference_url": "https://usn.ubuntu.com/6078-1/", "reference_id": "USN-6078-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6078-1/" }, { "reference_url": "https://usn.ubuntu.com/6078-2/", "reference_id": "USN-6078-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6078-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4690?format=api", "purl": "pkg:ebuild/www-client/firefox@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@102.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/4691?format=api", "purl": "pkg:ebuild/www-client/firefox@112.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@112.0" } ], "aliases": [ "CVE-2023-1999" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-487h-jn1c-a3am" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/129114?format=api", "vulnerability_id": "VCID-5a3y-radv-j7e3", "summary": "Memory safety bugs present in Firefox ESR 102.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 102.8 and Firefox ESR < 102.8.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25746.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25746.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25746", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34666", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25746" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170402", "reference_id": "2170402", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170402" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1544127%2C1762368", "reference_id": "buglist.cgi?bug_id=1544127%2C1762368", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T19:10:21Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1544127%2C1762368" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-06/", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T19:10:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-06/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-07/", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T19:10:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-07/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0805", "reference_id": "RHSA-2023:0805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0806", "reference_id": "RHSA-2023:0806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0807", "reference_id": "RHSA-2023:0807", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0807" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0808", "reference_id": "RHSA-2023:0808", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0808" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0809", "reference_id": "RHSA-2023:0809", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0809" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0810", "reference_id": "RHSA-2023:0810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0810" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0811", "reference_id": "RHSA-2023:0811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0811" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0812", "reference_id": "RHSA-2023:0812", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0812" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0817", "reference_id": "RHSA-2023:0817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0818", "reference_id": "RHSA-2023:0818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0819", "reference_id": "RHSA-2023:0819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0820", "reference_id": "RHSA-2023:0820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0821", "reference_id": "RHSA-2023:0821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0822", "reference_id": "RHSA-2023:0822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0823", "reference_id": "RHSA-2023:0823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0824", "reference_id": "RHSA-2023:0824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0824" }, { "reference_url": "https://usn.ubuntu.com/5943-1/", "reference_id": "USN-5943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5943-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4690?format=api", "purl": "pkg:ebuild/www-client/firefox@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@102.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/4691?format=api", "purl": "pkg:ebuild/www-client/firefox@112.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@112.0" } ], "aliases": [ "CVE-2023-25746" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5a3y-radv-j7e3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/140900?format=api", "vulnerability_id": "VCID-6u5t-un2p-sfcw", "summary": "When a secure cookie existed in the Firefox cookie jar an insecure cookie for the same domain could have been created, when it should have silently failed. This could have led to a desynchronization in expected results when reading from the secure cookie. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29547", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00366", "scoring_system": "epss", "scoring_elements": "0.59006", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29547" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-13/", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T19:14:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-13/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1783536", "reference_id": "show_bug.cgi?id=1783536", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T19:14:21Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1783536" }, { "reference_url": "https://usn.ubuntu.com/6010-1/", "reference_id": "USN-6010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6010-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4690?format=api", "purl": "pkg:ebuild/www-client/firefox@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@102.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/4691?format=api", "purl": "pkg:ebuild/www-client/firefox@112.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@112.0" } ], "aliases": [ "CVE-2023-29547" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6u5t-un2p-sfcw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/128983?format=api", "vulnerability_id": "VCID-8jdx-sc77-tybh", "summary": "After downloading a Windows <code>.url</code> shortcut from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system. This also had the potential to leak NTLM credentials to the resource.<br>*This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25734.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25734.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25734", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39295", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25734" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170384", "reference_id": "2170384", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170384" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-05/", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-06/", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-06/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-07/", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-07/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1784451", "reference_id": "show_bug.cgi?id=1784451", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:56Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1784451" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1809923", "reference_id": "show_bug.cgi?id=1809923", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:56Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1809923" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1810143", "reference_id": "show_bug.cgi?id=1810143", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:56Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1810143" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1812338", "reference_id": "show_bug.cgi?id=1812338", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:56Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1812338" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4690?format=api", "purl": "pkg:ebuild/www-client/firefox@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@102.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/4691?format=api", "purl": "pkg:ebuild/www-client/firefox@112.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@112.0" } ], "aliases": [ "CVE-2023-25734" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8jdx-sc77-tybh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/134140?format=api", "vulnerability_id": "VCID-8m4k-ex63-nyh5", "summary": "Dragging a URL from a cross-origin iframe that was removed during the drag could have led to user confusion and website spoofing attacks. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28164.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28164.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28164", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24633", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28164" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28162", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28162" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28164", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28164" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28176", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28176" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178470", "reference_id": "2178470", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178470" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-09", "reference_id": "mfsa2023-09", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-09" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-09/", "reference_id": "mfsa2023-09", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T14:58:40Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-09/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10", "reference_id": "mfsa2023-10", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-10/", "reference_id": "mfsa2023-10", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T14:58:40Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-10/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11", "reference_id": "mfsa2023-11", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-11/", "reference_id": "mfsa2023-11", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T14:58:40Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-11/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1333", "reference_id": "RHSA-2023:1333", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1333" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1336", "reference_id": "RHSA-2023:1336", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1336" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1337", "reference_id": "RHSA-2023:1337", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1337" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1364", "reference_id": "RHSA-2023:1364", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1364" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1367", "reference_id": "RHSA-2023:1367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1401", "reference_id": "RHSA-2023:1401", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1401" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1402", "reference_id": "RHSA-2023:1402", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1402" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1403", "reference_id": "RHSA-2023:1403", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1403" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1404", "reference_id": "RHSA-2023:1404", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1404" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1407", "reference_id": "RHSA-2023:1407", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1407" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1442", "reference_id": "RHSA-2023:1442", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1442" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1443", "reference_id": "RHSA-2023:1443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1443" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1444", "reference_id": "RHSA-2023:1444", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1444" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1445", "reference_id": "RHSA-2023:1445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1472", "reference_id": "RHSA-2023:1472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1479", "reference_id": "RHSA-2023:1479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1479" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1809122", "reference_id": "show_bug.cgi?id=1809122", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T14:58:40Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1809122" }, { "reference_url": "https://usn.ubuntu.com/5954-1/", "reference_id": "USN-5954-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5954-1/" }, { "reference_url": "https://usn.ubuntu.com/5972-1/", "reference_id": "USN-5972-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5972-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4690?format=api", "purl": "pkg:ebuild/www-client/firefox@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@102.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/4691?format=api", "purl": "pkg:ebuild/www-client/firefox@112.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@112.0" } ], "aliases": [ "CVE-2023-28164" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8m4k-ex63-nyh5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/140665?format=api", "vulnerability_id": "VCID-99n5-hnrs-m3hf", "summary": "Memory safety bugs present in Firefox 111. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29551", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51585", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29551" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1763625%2C1814314%2C1815798%2C1815890%2C1819239%2C1819465%2C1819486%2C1819492%2C1819957%2C1820514%2C1820776%2C1821838%2C1822175%2C1823547", "reference_id": "buglist.cgi?bug_id=1763625%2C1814314%2C1815798%2C1815890%2C1819239%2C1819465%2C1819486%2C1819492%2C1819957%2C1820514%2C1820776%2C1821838%2C1822175%2C1823547", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T21:31:50Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1763625%2C1814314%2C1815798%2C1815890%2C1819239%2C1819465%2C1819486%2C1819492%2C1819957%2C1820514%2C1820776%2C1821838%2C1822175%2C1823547" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-13/", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T21:31:50Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-13/" }, { "reference_url": "https://usn.ubuntu.com/6010-1/", "reference_id": "USN-6010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6010-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4690?format=api", "purl": "pkg:ebuild/www-client/firefox@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@102.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/4691?format=api", "purl": "pkg:ebuild/www-client/firefox@112.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@112.0" } ], "aliases": [ "CVE-2023-29551" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-99n5-hnrs-m3hf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/140624?format=api", "vulnerability_id": "VCID-9w4y-6yw2-t7b2", "summary": "If multiple instances of resource exhaustion occurred at the incorrect time, the garbage collector could have caused memory corruption and a potentially exploitable crash. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29544", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00442", "scoring_system": "epss", "scoring_elements": "0.6372", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29544" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-13/", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T19:12:31Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-13/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1818781", "reference_id": "show_bug.cgi?id=1818781", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T19:12:31Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1818781" }, { "reference_url": "https://usn.ubuntu.com/6010-1/", "reference_id": "USN-6010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6010-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4690?format=api", "purl": "pkg:ebuild/www-client/firefox@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@102.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/4691?format=api", "purl": "pkg:ebuild/www-client/firefox@112.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@112.0" } ], "aliases": [ "CVE-2023-29544" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9w4y-6yw2-t7b2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/140605?format=api", "vulnerability_id": "VCID-a3gp-6ktz-aqf2", "summary": "A website could have obscured the fullscreen notification by using a combination of <code>window.open</code>, fullscreen requests, <code>window.name</code> assignments, and <code>setInterval</code> calls. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android < 112, and Thunderbird < 102.10.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29533.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29533.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29533", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34517", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29533" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186101", "reference_id": "2186101", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186101" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-13/", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:57:06Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14", "reference_id": "mfsa2023-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-14/", "reference_id": "mfsa2023-14", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:57:06Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15", "reference_id": "mfsa2023-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-15/", "reference_id": "mfsa2023-15", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:57:06Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-15/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1785", "reference_id": "RHSA-2023:1785", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1785" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1786", "reference_id": "RHSA-2023:1786", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1786" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1787", "reference_id": "RHSA-2023:1787", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1787" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1788", "reference_id": "RHSA-2023:1788", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1788" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1789", "reference_id": "RHSA-2023:1789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1790", "reference_id": "RHSA-2023:1790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1791", "reference_id": "RHSA-2023:1791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1792", "reference_id": "RHSA-2023:1792", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1792" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1802", "reference_id": "RHSA-2023:1802", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1802" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1803", "reference_id": "RHSA-2023:1803", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1803" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1804", "reference_id": "RHSA-2023:1804", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1804" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1805", "reference_id": "RHSA-2023:1805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1806", "reference_id": "RHSA-2023:1806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1809", "reference_id": "RHSA-2023:1809", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1809" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1810", "reference_id": "RHSA-2023:1810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1810" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1811", "reference_id": "RHSA-2023:1811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1811" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1798219", "reference_id": "show_bug.cgi?id=1798219", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:57:06Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1798219" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1814597", "reference_id": "show_bug.cgi?id=1814597", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:57:06Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1814597" }, { "reference_url": "https://usn.ubuntu.com/6010-1/", "reference_id": "USN-6010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6010-1/" }, { "reference_url": "https://usn.ubuntu.com/6015-1/", "reference_id": "USN-6015-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6015-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4690?format=api", "purl": "pkg:ebuild/www-client/firefox@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@102.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/4691?format=api", "purl": "pkg:ebuild/www-client/firefox@112.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@112.0" } ], "aliases": [ "CVE-2023-29533" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a3gp-6ktz-aqf2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/129539?format=api", "vulnerability_id": "VCID-akxy-w512-qqe9", "summary": "The <code>Content-Security-Policy-Report-Only</code> header could allow an attacker to leak a child iframe's unredacted URI when interaction with that iframe triggers a redirect. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25728.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25728.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25728", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42146", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25728" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170374", "reference_id": "2170374", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170374" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-05/", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T17:40:01Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-06/", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T17:40:01Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-06/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-07/", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T17:40:01Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-07/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0805", "reference_id": "RHSA-2023:0805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0806", "reference_id": "RHSA-2023:0806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0807", "reference_id": "RHSA-2023:0807", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0807" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0808", "reference_id": "RHSA-2023:0808", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0808" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0809", "reference_id": "RHSA-2023:0809", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0809" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0810", "reference_id": "RHSA-2023:0810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0810" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0811", "reference_id": "RHSA-2023:0811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0811" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0812", "reference_id": "RHSA-2023:0812", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0812" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0817", "reference_id": "RHSA-2023:0817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0818", "reference_id": "RHSA-2023:0818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0819", "reference_id": "RHSA-2023:0819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0820", "reference_id": "RHSA-2023:0820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0821", "reference_id": "RHSA-2023:0821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0822", "reference_id": "RHSA-2023:0822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0823", "reference_id": "RHSA-2023:0823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0824", "reference_id": "RHSA-2023:0824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0824" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1790345", "reference_id": "show_bug.cgi?id=1790345", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T17:40:01Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1790345" }, { "reference_url": "https://usn.ubuntu.com/5880-1/", "reference_id": "USN-5880-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5880-1/" }, { "reference_url": "https://usn.ubuntu.com/5943-1/", "reference_id": "USN-5943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5943-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4690?format=api", "purl": "pkg:ebuild/www-client/firefox@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@102.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/4691?format=api", "purl": "pkg:ebuild/www-client/firefox@112.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@112.0" } ], "aliases": [ "CVE-2023-25728" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-akxy-w512-qqe9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/129264?format=api", "vulnerability_id": "VCID-cjyk-amwj-7kf7", "summary": "An invalid downcast from <code>nsTextNode</code> to <code>SVGElement</code> could have lead to undefined behavior. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25737.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25737.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25737", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.3826", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170379", "reference_id": "2170379", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170379" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-05/", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:10:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-06/", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:10:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-06/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-07/", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:10:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-07/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0805", "reference_id": "RHSA-2023:0805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0806", "reference_id": "RHSA-2023:0806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0807", "reference_id": "RHSA-2023:0807", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0807" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0808", "reference_id": "RHSA-2023:0808", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0808" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0809", "reference_id": "RHSA-2023:0809", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0809" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0810", "reference_id": "RHSA-2023:0810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0810" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0811", "reference_id": "RHSA-2023:0811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0811" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0812", "reference_id": "RHSA-2023:0812", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0812" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0817", "reference_id": "RHSA-2023:0817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0818", "reference_id": "RHSA-2023:0818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0819", "reference_id": "RHSA-2023:0819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0820", "reference_id": "RHSA-2023:0820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0821", "reference_id": "RHSA-2023:0821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0822", "reference_id": "RHSA-2023:0822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0823", "reference_id": "RHSA-2023:0823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0824", "reference_id": "RHSA-2023:0824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0824" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1811464", "reference_id": "show_bug.cgi?id=1811464", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:10:49Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1811464" }, { "reference_url": "https://usn.ubuntu.com/5880-1/", "reference_id": "USN-5880-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5880-1/" }, { "reference_url": "https://usn.ubuntu.com/5943-1/", "reference_id": "USN-5943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5943-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4690?format=api", "purl": "pkg:ebuild/www-client/firefox@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@102.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/4691?format=api", "purl": "pkg:ebuild/www-client/firefox@112.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@112.0" } ], "aliases": [ "CVE-2023-25737" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cjyk-amwj-7kf7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/140833?format=api", "vulnerability_id": "VCID-csev-gzre-t3gh", "summary": "Memory safety bugs present in Firefox 111 and Firefox ESR 102.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android < 112, and Thunderbird < 102.10.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29550.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29550.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29550", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.4175", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29550" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186111", "reference_id": "2186111", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186111" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1720594%2C1812498%2C1814217%2C1818357%2C1751945%2C1818762%2C1819493%2C1820389%2C1820602%2C1821448%2C1822413%2C1824828", "reference_id": "buglist.cgi?bug_id=1720594%2C1812498%2C1814217%2C1818357%2C1751945%2C1818762%2C1819493%2C1820389%2C1820602%2C1821448%2C1822413%2C1824828", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-10T19:20:01Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1720594%2C1812498%2C1814217%2C1818357%2C1751945%2C1818762%2C1819493%2C1820389%2C1820602%2C1821448%2C1822413%2C1824828" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-13/", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-10T19:20:01Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14", "reference_id": "mfsa2023-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-14/", "reference_id": "mfsa2023-14", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-10T19:20:01Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15", "reference_id": "mfsa2023-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-15/", "reference_id": "mfsa2023-15", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-10T19:20:01Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-15/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1785", "reference_id": "RHSA-2023:1785", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1785" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1786", "reference_id": "RHSA-2023:1786", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1786" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1787", "reference_id": "RHSA-2023:1787", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1787" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1788", "reference_id": "RHSA-2023:1788", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1788" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1789", "reference_id": "RHSA-2023:1789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1790", "reference_id": "RHSA-2023:1790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1791", "reference_id": "RHSA-2023:1791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1792", "reference_id": "RHSA-2023:1792", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1792" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1802", "reference_id": "RHSA-2023:1802", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1802" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1803", "reference_id": "RHSA-2023:1803", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1803" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1804", "reference_id": "RHSA-2023:1804", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1804" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1805", "reference_id": "RHSA-2023:1805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1806", "reference_id": "RHSA-2023:1806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1809", "reference_id": "RHSA-2023:1809", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1809" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1810", "reference_id": "RHSA-2023:1810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1810" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1811", "reference_id": "RHSA-2023:1811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1811" }, { "reference_url": "https://usn.ubuntu.com/6010-1/", "reference_id": "USN-6010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6010-1/" }, { "reference_url": "https://usn.ubuntu.com/6015-1/", "reference_id": "USN-6015-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6015-1/" }, { "reference_url": "https://usn.ubuntu.com/6120-1/", "reference_id": "USN-6120-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6120-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4690?format=api", "purl": "pkg:ebuild/www-client/firefox@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@102.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/4691?format=api", "purl": "pkg:ebuild/www-client/firefox@112.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@112.0" } ], "aliases": [ "CVE-2023-29550" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-csev-gzre-t3gh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/129559?format=api", "vulnerability_id": "VCID-dt91-rgbg-jqbz", "summary": "Due to URL previews in the network panel of developer tools improperly storing URLs, query parameters could potentially be used to overwrite global objects in privileged code. This vulnerability affects Firefox < 110.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25731.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25731.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25731", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00277", "scoring_system": "epss", "scoring_elements": "0.51479", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25731" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170386", "reference_id": "2170386", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170386" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-05/", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-10T17:28:34Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-05/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1801542", "reference_id": "show_bug.cgi?id=1801542", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-10T17:28:34Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1801542" }, { "reference_url": "https://usn.ubuntu.com/5880-1/", "reference_id": "USN-5880-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5880-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4690?format=api", "purl": "pkg:ebuild/www-client/firefox@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@102.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/4691?format=api", "purl": "pkg:ebuild/www-client/firefox@112.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@112.0" } ], "aliases": [ "CVE-2023-25731" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dt91-rgbg-jqbz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/129135?format=api", "vulnerability_id": "VCID-e5mz-gthj-gudc", "summary": "When accessing throttled streams, the count of available bytes needed to be checked in the calling function to be within bounds. This may have lead future code to be incorrect and vulnerable. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25752.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25752.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25752", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.27907", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28162", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28162" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28164", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28164" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28176", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28176" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178460", "reference_id": "2178460", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178460" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-09", "reference_id": "mfsa2023-09", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-09" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-09/", "reference_id": "mfsa2023-09", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:07:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-09/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10", "reference_id": "mfsa2023-10", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-10/", "reference_id": "mfsa2023-10", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:07:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-10/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11", "reference_id": "mfsa2023-11", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-11/", "reference_id": "mfsa2023-11", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:07:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-11/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1333", "reference_id": "RHSA-2023:1333", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1333" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1336", "reference_id": "RHSA-2023:1336", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1336" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1337", "reference_id": "RHSA-2023:1337", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1337" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1364", "reference_id": "RHSA-2023:1364", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1364" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1367", "reference_id": "RHSA-2023:1367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1401", "reference_id": "RHSA-2023:1401", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1401" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1402", "reference_id": "RHSA-2023:1402", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1402" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1403", "reference_id": "RHSA-2023:1403", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1403" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1404", "reference_id": "RHSA-2023:1404", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1404" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1407", "reference_id": "RHSA-2023:1407", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1407" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1442", "reference_id": "RHSA-2023:1442", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1442" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1443", "reference_id": "RHSA-2023:1443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1443" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1444", "reference_id": "RHSA-2023:1444", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1444" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1445", "reference_id": "RHSA-2023:1445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1472", "reference_id": "RHSA-2023:1472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1479", "reference_id": "RHSA-2023:1479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1479" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1811627", "reference_id": "show_bug.cgi?id=1811627", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:07:23Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1811627" }, { "reference_url": "https://usn.ubuntu.com/5954-1/", "reference_id": "USN-5954-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5954-1/" }, { "reference_url": "https://usn.ubuntu.com/5972-1/", "reference_id": "USN-5972-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5972-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4690?format=api", "purl": "pkg:ebuild/www-client/firefox@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@102.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/4691?format=api", "purl": "pkg:ebuild/www-client/firefox@112.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@112.0" } ], "aliases": [ "CVE-2023-25752" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e5mz-gthj-gudc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/140392?format=api", "vulnerability_id": "VCID-e627-z9cg-jqck", "summary": "Under specific circumstances a WebExtension may have received a <code>jar:file:///</code> URI instead of a <code>moz-extension:///</code> URI during a load request. This leaked directory paths on the user's machine. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29538", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0034", "scoring_system": "epss", "scoring_elements": "0.57089", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29538" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-13/", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:00:08Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-13/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1685403", "reference_id": "show_bug.cgi?id=1685403", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:00:08Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1685403" }, { "reference_url": "https://usn.ubuntu.com/6010-1/", "reference_id": "USN-6010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6010-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4690?format=api", "purl": "pkg:ebuild/www-client/firefox@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@102.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/4691?format=api", "purl": "pkg:ebuild/www-client/firefox@112.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@112.0" } ], "aliases": [ "CVE-2023-29538" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e627-z9cg-jqck" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/134064?format=api", "vulnerability_id": "VCID-fzd8-szf7-8fge", "summary": "The fullscreen notification could have been hidden on Firefox for Android by using download popups, resulting in potential user confusion or spoofing attacks. <br>*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 111.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28159", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0025", "scoring_system": "epss", "scoring_elements": "0.48515", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28159" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-09", "reference_id": "mfsa2023-09", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-09" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-09/", "reference_id": "mfsa2023-09", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:42:14Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-09/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1783561", "reference_id": "show_bug.cgi?id=1783561", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:42:14Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1783561" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4690?format=api", "purl": "pkg:ebuild/www-client/firefox@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@102.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/4691?format=api", "purl": "pkg:ebuild/www-client/firefox@112.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@112.0" } ], "aliases": [ "CVE-2023-28159" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fzd8-szf7-8fge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15013?format=api", "vulnerability_id": "VCID-g9dk-kcp7-q7c1", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1945.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1945.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-1945", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28252", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-1945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186109", "reference_id": "2186109", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186109" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14", "reference_id": "mfsa2023-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-14/", "reference_id": "mfsa2023-14", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:55:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15", "reference_id": "mfsa2023-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-15/", "reference_id": "mfsa2023-15", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:55:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-15/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1785", "reference_id": "RHSA-2023:1785", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1785" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1786", "reference_id": "RHSA-2023:1786", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1786" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1787", "reference_id": "RHSA-2023:1787", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1787" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1788", "reference_id": "RHSA-2023:1788", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1788" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1789", "reference_id": "RHSA-2023:1789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1790", "reference_id": "RHSA-2023:1790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1791", "reference_id": "RHSA-2023:1791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1792", "reference_id": "RHSA-2023:1792", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1792" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1802", "reference_id": "RHSA-2023:1802", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1802" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1803", "reference_id": "RHSA-2023:1803", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1803" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1804", "reference_id": "RHSA-2023:1804", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1804" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1805", "reference_id": "RHSA-2023:1805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1806", "reference_id": "RHSA-2023:1806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1809", "reference_id": "RHSA-2023:1809", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1809" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1810", "reference_id": "RHSA-2023:1810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1810" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1811", "reference_id": "RHSA-2023:1811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1811" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1777588", "reference_id": "show_bug.cgi?id=1777588", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:55:03Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1777588" }, { "reference_url": "https://usn.ubuntu.com/6015-1/", "reference_id": "USN-6015-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6015-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4690?format=api", "purl": "pkg:ebuild/www-client/firefox@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@102.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/4691?format=api", "purl": "pkg:ebuild/www-client/firefox@112.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@112.0" } ], "aliases": [ "CVE-2023-1945" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g9dk-kcp7-q7c1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/129415?format=api", "vulnerability_id": "VCID-hf1g-dar6-jya3", "summary": "Members of the <code>DEVMODEW</code> struct set by the printer device driver weren't being validated and could have resulted in invalid values which in turn would cause the browser to attempt out of bounds access to related variables.<br>*This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25738.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25738.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25738", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00389", "scoring_system": "epss", "scoring_elements": "0.60421", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25738" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170380", "reference_id": "2170380", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170380" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-05/", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T20:08:20Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-06/", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T20:08:20Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-06/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-07/", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T20:08:20Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-07/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1811852", "reference_id": "show_bug.cgi?id=1811852", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T20:08:20Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1811852" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4690?format=api", "purl": "pkg:ebuild/www-client/firefox@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@102.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/4691?format=api", "purl": "pkg:ebuild/www-client/firefox@112.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@112.0" } ], "aliases": [ "CVE-2023-25738" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hf1g-dar6-jya3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/140486?format=api", "vulnerability_id": "VCID-jtnv-8pdn-m7bh", "summary": "A wrong lowering instruction in the ARM64 Ion compiler resulted in a wrong optimization result. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android < 112, and Thunderbird < 102.10.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29548.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29548.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29548", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28182", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29548" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186110", "reference_id": "2186110", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186110" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-13/", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T19:16:05Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14", "reference_id": "mfsa2023-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-14/", "reference_id": "mfsa2023-14", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T19:16:05Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15", "reference_id": "mfsa2023-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-15/", "reference_id": "mfsa2023-15", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T19:16:05Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-15/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1785", "reference_id": "RHSA-2023:1785", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1785" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1786", "reference_id": "RHSA-2023:1786", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1786" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1787", "reference_id": "RHSA-2023:1787", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1787" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1788", "reference_id": "RHSA-2023:1788", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1788" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1789", "reference_id": "RHSA-2023:1789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1790", "reference_id": "RHSA-2023:1790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1791", "reference_id": "RHSA-2023:1791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1792", "reference_id": "RHSA-2023:1792", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1792" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1802", "reference_id": "RHSA-2023:1802", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1802" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1803", "reference_id": "RHSA-2023:1803", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1803" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1804", "reference_id": "RHSA-2023:1804", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1804" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1805", "reference_id": "RHSA-2023:1805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1806", "reference_id": "RHSA-2023:1806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1809", "reference_id": "RHSA-2023:1809", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1809" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1810", "reference_id": "RHSA-2023:1810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1810" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1811", "reference_id": "RHSA-2023:1811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1811" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1822754", "reference_id": "show_bug.cgi?id=1822754", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T19:16:05Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1822754" }, { "reference_url": "https://usn.ubuntu.com/6010-1/", "reference_id": "USN-6010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6010-1/" }, { "reference_url": "https://usn.ubuntu.com/6015-1/", "reference_id": "USN-6015-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6015-1/" }, { "reference_url": "https://usn.ubuntu.com/6120-1/", "reference_id": "USN-6120-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6120-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4690?format=api", "purl": "pkg:ebuild/www-client/firefox@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@102.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/4691?format=api", "purl": "pkg:ebuild/www-client/firefox@112.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@112.0" } ], "aliases": [ "CVE-2023-29548" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jtnv-8pdn-m7bh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/140804?format=api", "vulnerability_id": "VCID-m1t1-9g5s-xbhp", "summary": "Using a redirect embedded into <code>sourceMappingUrls</code> could allow for navigation to external protocol links in sandboxed iframes without <code>allow-top-navigation-to-custom-protocols</code>. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29540", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47287", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29540" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-13/", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:42:04Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-13/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1790542", "reference_id": "show_bug.cgi?id=1790542", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:42:04Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1790542" }, { "reference_url": "https://usn.ubuntu.com/6010-1/", "reference_id": "USN-6010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6010-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4690?format=api", "purl": "pkg:ebuild/www-client/firefox@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@102.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/4691?format=api", "purl": "pkg:ebuild/www-client/firefox@112.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@112.0" } ], "aliases": [ "CVE-2023-29540" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m1t1-9g5s-xbhp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/129043?format=api", "vulnerability_id": "VCID-mqd7-aqzz-9kbt", "summary": "Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free after unwrapping the proxy. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25735.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25735.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25735", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37466", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25735" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170378", "reference_id": "2170378", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170378" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-05/", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:20Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-06/", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:20Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-06/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-07/", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:20Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-07/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0805", "reference_id": "RHSA-2023:0805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0806", "reference_id": "RHSA-2023:0806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0807", "reference_id": "RHSA-2023:0807", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0807" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0808", "reference_id": "RHSA-2023:0808", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0808" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0809", "reference_id": "RHSA-2023:0809", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0809" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0810", "reference_id": "RHSA-2023:0810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0810" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0811", "reference_id": "RHSA-2023:0811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0811" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0812", "reference_id": "RHSA-2023:0812", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0812" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0817", "reference_id": "RHSA-2023:0817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0818", "reference_id": "RHSA-2023:0818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0819", "reference_id": "RHSA-2023:0819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0820", "reference_id": "RHSA-2023:0820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0821", "reference_id": "RHSA-2023:0821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0822", "reference_id": "RHSA-2023:0822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0823", "reference_id": "RHSA-2023:0823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0824", "reference_id": "RHSA-2023:0824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0824" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1810711", "reference_id": "show_bug.cgi?id=1810711", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:20Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1810711" }, { "reference_url": "https://usn.ubuntu.com/5880-1/", "reference_id": "USN-5880-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5880-1/" }, { "reference_url": "https://usn.ubuntu.com/5943-1/", "reference_id": "USN-5943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5943-1/" }, { "reference_url": "https://usn.ubuntu.com/6120-1/", "reference_id": "USN-6120-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6120-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4690?format=api", "purl": "pkg:ebuild/www-client/firefox@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@102.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/4691?format=api", "purl": "pkg:ebuild/www-client/firefox@112.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@112.0" } ], "aliases": [ "CVE-2023-25735" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mqd7-aqzz-9kbt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/140511?format=api", "vulnerability_id": "VCID-pgfx-nj3x-b7bd", "summary": "Following a Garbage Collector compaction, weak maps may have been accessed before they were correctly traced. This resulted in memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android < 112, and Thunderbird < 102.10.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29535.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29535.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29535", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00338", "scoring_system": "epss", "scoring_elements": "0.56981", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186103", "reference_id": "2186103", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186103" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-13/", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:51:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14", "reference_id": "mfsa2023-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-14/", "reference_id": "mfsa2023-14", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:51:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15", "reference_id": "mfsa2023-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-15/", "reference_id": "mfsa2023-15", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:51:21Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-15/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1785", "reference_id": "RHSA-2023:1785", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1785" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1786", "reference_id": "RHSA-2023:1786", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1786" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1787", "reference_id": "RHSA-2023:1787", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1787" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1788", "reference_id": "RHSA-2023:1788", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1788" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1789", "reference_id": "RHSA-2023:1789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1790", "reference_id": "RHSA-2023:1790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1791", "reference_id": "RHSA-2023:1791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1792", "reference_id": "RHSA-2023:1792", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1792" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1802", "reference_id": "RHSA-2023:1802", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1802" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1803", "reference_id": "RHSA-2023:1803", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1803" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1804", "reference_id": "RHSA-2023:1804", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1804" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1805", "reference_id": "RHSA-2023:1805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1806", "reference_id": "RHSA-2023:1806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1809", "reference_id": "RHSA-2023:1809", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1809" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1810", "reference_id": "RHSA-2023:1810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1810" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1811", "reference_id": "RHSA-2023:1811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1811" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1820543", "reference_id": "show_bug.cgi?id=1820543", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:51:21Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1820543" }, { "reference_url": "https://usn.ubuntu.com/6010-1/", "reference_id": "USN-6010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6010-1/" }, { "reference_url": "https://usn.ubuntu.com/6015-1/", "reference_id": "USN-6015-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6015-1/" }, { "reference_url": "https://usn.ubuntu.com/6120-1/", "reference_id": "USN-6120-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6120-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4690?format=api", "purl": "pkg:ebuild/www-client/firefox@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@102.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/4691?format=api", "purl": "pkg:ebuild/www-client/firefox@112.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@112.0" } ], "aliases": [ "CVE-2023-29535" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pgfx-nj3x-b7bd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/140873?format=api", "vulnerability_id": "VCID-q92s-9xja-43fx", "summary": "When handling the filename directive in the Content-Disposition header, the filename would be truncated if the filename contained a NULL character. This could have led to reflected file download attacks potentially tricking users to install malware. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android < 112, and Thunderbird < 102.10.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29539.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29539.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29539", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00221", "scoring_system": "epss", "scoring_elements": "0.44866", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186105", "reference_id": "2186105", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186105" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-13/", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T15:43:44Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14", "reference_id": "mfsa2023-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-14/", "reference_id": "mfsa2023-14", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T15:43:44Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15", "reference_id": "mfsa2023-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-15/", "reference_id": "mfsa2023-15", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T15:43:44Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-15/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1785", "reference_id": "RHSA-2023:1785", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1785" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1786", "reference_id": "RHSA-2023:1786", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1786" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1787", "reference_id": "RHSA-2023:1787", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1787" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1788", "reference_id": "RHSA-2023:1788", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1788" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1789", "reference_id": "RHSA-2023:1789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1790", "reference_id": "RHSA-2023:1790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1791", "reference_id": "RHSA-2023:1791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1792", "reference_id": "RHSA-2023:1792", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1792" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1802", "reference_id": "RHSA-2023:1802", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1802" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1803", "reference_id": "RHSA-2023:1803", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1803" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1804", "reference_id": "RHSA-2023:1804", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1804" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1805", "reference_id": "RHSA-2023:1805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1806", "reference_id": "RHSA-2023:1806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1809", "reference_id": "RHSA-2023:1809", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1809" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1810", "reference_id": "RHSA-2023:1810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1810" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1811", "reference_id": "RHSA-2023:1811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1811" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1784348", "reference_id": "show_bug.cgi?id=1784348", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T15:43:44Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1784348" }, { "reference_url": "https://usn.ubuntu.com/6010-1/", "reference_id": "USN-6010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6010-1/" }, { "reference_url": "https://usn.ubuntu.com/6015-1/", "reference_id": "USN-6015-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6015-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4690?format=api", "purl": "pkg:ebuild/www-client/firefox@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@102.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/4691?format=api", "purl": "pkg:ebuild/www-client/firefox@112.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@112.0" } ], "aliases": [ "CVE-2023-29539" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q92s-9xja-43fx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/134670?format=api", "vulnerability_id": "VCID-qv1a-zv1u-7kcm", "summary": "Memory safety bugs present in Firefox 110. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 111.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28177", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00229", "scoring_system": "epss", "scoring_elements": "0.45833", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28177" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1803109%2C1808832%2C1809542%2C1817336", "reference_id": "buglist.cgi?bug_id=1803109%2C1808832%2C1809542%2C1817336", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T20:15:35Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1803109%2C1808832%2C1809542%2C1817336" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-09", "reference_id": "mfsa2023-09", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-09" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-09/", "reference_id": "mfsa2023-09", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T20:15:35Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-09/" }, { "reference_url": "https://usn.ubuntu.com/5954-1/", "reference_id": "USN-5954-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5954-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4690?format=api", "purl": "pkg:ebuild/www-client/firefox@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@102.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/4691?format=api", "purl": "pkg:ebuild/www-client/firefox@112.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@112.0" } ], "aliases": [ "CVE-2023-28177" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qv1a-zv1u-7kcm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/140859?format=api", "vulnerability_id": "VCID-rb5n-pj4f-n7ce", "summary": "Multiple race conditions in the font initialization could have led to memory corruption and execution of attacker-controlled code. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29537", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42319", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29537" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-13/", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T16:01:13Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-13/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1823365", "reference_id": "show_bug.cgi?id=1823365", "reference_type": "", "scores": [ { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T16:01:13Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1823365" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1824200", "reference_id": "show_bug.cgi?id=1824200", "reference_type": "", "scores": [ { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T16:01:13Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1824200" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1825569", "reference_id": "show_bug.cgi?id=1825569", "reference_type": "", "scores": [ { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T16:01:13Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1825569" }, { "reference_url": "https://usn.ubuntu.com/6010-1/", "reference_id": "USN-6010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6010-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4690?format=api", "purl": "pkg:ebuild/www-client/firefox@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@102.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/4691?format=api", "purl": "pkg:ebuild/www-client/firefox@112.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@112.0" } ], "aliases": [ "CVE-2023-29537" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rb5n-pj4f-n7ce" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/134103?format=api", "vulnerability_id": "VCID-rh36-y7ds-rfg9", "summary": "Memory safety bugs present in Firefox 110 and Firefox ESR 102.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28176.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28176.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28176", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36175", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28176" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28162", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28162" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28164", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28164" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28176", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28176" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178472", "reference_id": "2178472", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178472" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1808352%2C1811637%2C1815904%2C1817442%2C1818674", "reference_id": "buglist.cgi?bug_id=1808352%2C1811637%2C1815904%2C1817442%2C1818674", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T20:25:03Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1808352%2C1811637%2C1815904%2C1817442%2C1818674" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-09", "reference_id": "mfsa2023-09", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-09" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-09/", "reference_id": "mfsa2023-09", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T20:25:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-09/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10", "reference_id": "mfsa2023-10", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-10/", "reference_id": "mfsa2023-10", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T20:25:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-10/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11", "reference_id": "mfsa2023-11", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-11/", "reference_id": "mfsa2023-11", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T20:25:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-11/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1333", "reference_id": "RHSA-2023:1333", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1333" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1336", "reference_id": "RHSA-2023:1336", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1336" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1337", "reference_id": "RHSA-2023:1337", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1337" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1364", "reference_id": "RHSA-2023:1364", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1364" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1367", "reference_id": "RHSA-2023:1367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1401", "reference_id": "RHSA-2023:1401", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1401" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1402", "reference_id": "RHSA-2023:1402", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1402" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1403", "reference_id": "RHSA-2023:1403", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1403" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1404", "reference_id": "RHSA-2023:1404", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1404" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1407", "reference_id": "RHSA-2023:1407", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1407" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1442", "reference_id": "RHSA-2023:1442", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1442" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1443", "reference_id": "RHSA-2023:1443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1443" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1444", "reference_id": "RHSA-2023:1444", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1444" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1445", "reference_id": "RHSA-2023:1445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1472", "reference_id": "RHSA-2023:1472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1479", "reference_id": "RHSA-2023:1479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1479" }, { "reference_url": "https://usn.ubuntu.com/5954-1/", "reference_id": "USN-5954-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5954-1/" }, { "reference_url": "https://usn.ubuntu.com/5972-1/", "reference_id": "USN-5972-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5972-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4690?format=api", "purl": "pkg:ebuild/www-client/firefox@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@102.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/4691?format=api", "purl": "pkg:ebuild/www-client/firefox@112.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@112.0" } ], "aliases": [ "CVE-2023-28176" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rh36-y7ds-rfg9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/128916?format=api", "vulnerability_id": "VCID-rur4-sy2e-kyee", "summary": "By displaying a prompt with a long description, the fullscreen notification could have been hidden, resulting in potential user confusion or spoofing attacks. <br>*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 111.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25748", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0025", "scoring_system": "epss", "scoring_elements": "0.48515", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25748" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-09", "reference_id": "mfsa2023-09", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-09" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-09/", "reference_id": "mfsa2023-09", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T18:58:12Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-09/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1798798", "reference_id": "show_bug.cgi?id=1798798", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T18:58:12Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1798798" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4690?format=api", "purl": "pkg:ebuild/www-client/firefox@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@102.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/4691?format=api", "purl": "pkg:ebuild/www-client/firefox@112.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@112.0" } ], "aliases": [ "CVE-2023-25748" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rur4-sy2e-kyee" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/129527?format=api", "vulnerability_id": "VCID-ruvd-z97u-xfbf", "summary": "Permission prompts for opening external schemes were only shown for <code>ContentPrincipals</code> resulting in extensions being able to open them without user interaction via <code>ExpandedPrincipals</code>. This could lead to further malicious actions such as downloading files or interacting with software already installed on the system. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25729.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25729.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25729", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31094", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25729" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170382", "reference_id": "2170382", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170382" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-05/", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-10T17:35:34Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-06/", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-10T17:35:34Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-06/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-07/", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-10T17:35:34Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-07/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0805", "reference_id": "RHSA-2023:0805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0806", "reference_id": "RHSA-2023:0806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0807", "reference_id": "RHSA-2023:0807", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0807" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0808", "reference_id": "RHSA-2023:0808", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0808" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0809", "reference_id": "RHSA-2023:0809", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0809" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0810", "reference_id": "RHSA-2023:0810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0810" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0811", "reference_id": "RHSA-2023:0811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0811" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0812", "reference_id": "RHSA-2023:0812", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0812" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0817", "reference_id": "RHSA-2023:0817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0818", "reference_id": "RHSA-2023:0818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0819", "reference_id": "RHSA-2023:0819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0820", "reference_id": "RHSA-2023:0820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0821", "reference_id": "RHSA-2023:0821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0822", "reference_id": "RHSA-2023:0822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0823", "reference_id": "RHSA-2023:0823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0824", "reference_id": "RHSA-2023:0824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0824" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1792138", "reference_id": "show_bug.cgi?id=1792138", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-10T17:35:34Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1792138" }, { "reference_url": "https://usn.ubuntu.com/5880-1/", "reference_id": "USN-5880-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5880-1/" }, { "reference_url": "https://usn.ubuntu.com/5943-1/", "reference_id": "USN-5943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5943-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4690?format=api", "purl": "pkg:ebuild/www-client/firefox@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@102.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/4691?format=api", "purl": "pkg:ebuild/www-client/firefox@112.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@112.0" } ], "aliases": [ "CVE-2023-25729" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ruvd-z97u-xfbf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/134232?format=api", "vulnerability_id": "VCID-s2w9-mgwb-duez", "summary": "When following a redirect to a publicly accessible web extension file, the URL may have been translated to the actual local path, leaking potentially sensitive information. This vulnerability affects Firefox < 111.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28160", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51584", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28160" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-09", "reference_id": "mfsa2023-09", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-09" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-09/", "reference_id": "mfsa2023-09", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:37:40Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-09/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1802385", "reference_id": "show_bug.cgi?id=1802385", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:37:40Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1802385" }, { "reference_url": "https://usn.ubuntu.com/5954-1/", "reference_id": "USN-5954-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5954-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4690?format=api", "purl": "pkg:ebuild/www-client/firefox@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@102.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/4691?format=api", "purl": "pkg:ebuild/www-client/firefox@112.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@112.0" } ], "aliases": [ "CVE-2023-28160" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s2w9-mgwb-duez" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/134629?format=api", "vulnerability_id": "VCID-s8tk-87r4-jbdn", "summary": "If temporary \"one-time\" permissions, such as the ability to use the Camera, were granted to a document loaded using a file: URL, that permission persisted in that tab for all other documents loaded from a file: URL. This is potentially dangerous if the local files came from different sources, such as in a download directory. This vulnerability affects Firefox < 111.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28161", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36058", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28161" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-09", "reference_id": "mfsa2023-09", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-09" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-09/", "reference_id": "mfsa2023-09", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T15:29:14Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-09/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1811181", "reference_id": "show_bug.cgi?id=1811181", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T15:29:14Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1811181" }, { "reference_url": "https://usn.ubuntu.com/5954-1/", "reference_id": "USN-5954-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5954-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4690?format=api", "purl": "pkg:ebuild/www-client/firefox@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@102.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/4691?format=api", "purl": "pkg:ebuild/www-client/firefox@112.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@112.0" } ], "aliases": [ "CVE-2023-28161" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s8tk-87r4-jbdn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/129421?format=api", "vulnerability_id": "VCID-t4a9-4um6-m3az", "summary": "When encoding data from an <code>inputStream</code> in <code>xpcom</code> the size of the input being encoded was not correctly calculated potentially leading to an out of bounds memory write. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25732.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25732.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25732", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.3573", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25732" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170383", "reference_id": "2170383", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170383" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-05/", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T21:12:13Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-06/", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T21:12:13Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-06/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-07/", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T21:12:13Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-07/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0805", "reference_id": "RHSA-2023:0805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0806", "reference_id": "RHSA-2023:0806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0807", "reference_id": "RHSA-2023:0807", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0807" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0808", "reference_id": "RHSA-2023:0808", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0808" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0809", "reference_id": "RHSA-2023:0809", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0809" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0810", "reference_id": "RHSA-2023:0810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0810" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0811", "reference_id": "RHSA-2023:0811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0811" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0812", "reference_id": "RHSA-2023:0812", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0812" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0817", "reference_id": "RHSA-2023:0817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0818", "reference_id": "RHSA-2023:0818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0819", "reference_id": "RHSA-2023:0819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0820", "reference_id": "RHSA-2023:0820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0821", "reference_id": "RHSA-2023:0821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0822", "reference_id": "RHSA-2023:0822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0823", "reference_id": "RHSA-2023:0823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0824", "reference_id": "RHSA-2023:0824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0824" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1804564", "reference_id": "show_bug.cgi?id=1804564", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T21:12:13Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1804564" }, { "reference_url": "https://usn.ubuntu.com/5880-1/", "reference_id": "USN-5880-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5880-1/" }, { "reference_url": "https://usn.ubuntu.com/5943-1/", "reference_id": "USN-5943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5943-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4690?format=api", "purl": "pkg:ebuild/www-client/firefox@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@102.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/4691?format=api", "purl": "pkg:ebuild/www-client/firefox@112.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@112.0" } ], "aliases": [ "CVE-2023-25732" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t4a9-4um6-m3az" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/140593?format=api", "vulnerability_id": "VCID-t7zm-9zeh-g3gq", "summary": "Firefox did not properly handle downloads of files ending in <code>.desktop</code>, which can be interpreted to run attacker-controlled commands. <br>*This bug only affects Firefox for Linux on certain Distributions. Other operating systems are unaffected, and Mozilla is unable to enumerate all affected Linux Distributions.*. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android < 112, and Thunderbird < 102.10.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29541.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29541.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29541", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00208", "scoring_system": "epss", "scoring_elements": "0.43245", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186106", "reference_id": "2186106", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186106" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-13/", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T19:08:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14", "reference_id": "mfsa2023-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-14/", "reference_id": "mfsa2023-14", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T19:08:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15", "reference_id": "mfsa2023-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-15/", "reference_id": "mfsa2023-15", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T19:08:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-15/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1785", "reference_id": "RHSA-2023:1785", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1785" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1786", "reference_id": "RHSA-2023:1786", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1786" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1787", "reference_id": "RHSA-2023:1787", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1787" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1788", "reference_id": "RHSA-2023:1788", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1788" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1789", "reference_id": "RHSA-2023:1789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1790", "reference_id": "RHSA-2023:1790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1791", "reference_id": "RHSA-2023:1791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1792", "reference_id": "RHSA-2023:1792", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1792" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1802", "reference_id": "RHSA-2023:1802", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1802" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1803", "reference_id": "RHSA-2023:1803", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1803" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1804", "reference_id": "RHSA-2023:1804", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1804" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1805", "reference_id": "RHSA-2023:1805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1806", "reference_id": "RHSA-2023:1806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1809", "reference_id": "RHSA-2023:1809", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1809" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1810", "reference_id": "RHSA-2023:1810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1810" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1811", "reference_id": "RHSA-2023:1811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1811" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1810191", "reference_id": "show_bug.cgi?id=1810191", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T19:08:52Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1810191" }, { "reference_url": "https://usn.ubuntu.com/6010-1/", "reference_id": "USN-6010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6010-1/" }, { "reference_url": "https://usn.ubuntu.com/6015-1/", "reference_id": "USN-6015-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6015-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4690?format=api", "purl": "pkg:ebuild/www-client/firefox@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@102.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/4691?format=api", "purl": "pkg:ebuild/www-client/firefox@112.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@112.0" } ], "aliases": [ "CVE-2023-29541" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t7zm-9zeh-g3gq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/140848?format=api", "vulnerability_id": "VCID-u7xy-htj7-cfcz", "summary": "An attacker could cause the memory manager to incorrectly free a pointer that addresses attacker-controlled memory, resulting in an assertion, memory corruption, or a potentially exploitable crash. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android < 112, and Thunderbird < 102.10.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29536.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29536.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29536", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.4175", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0547" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28427" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29533" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29548" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29550" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186104", "reference_id": "2186104", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186104" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-13/", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T15:50:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-13/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14", "reference_id": "mfsa2023-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-14" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-14/", "reference_id": "mfsa2023-14", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T15:50:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-14/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15", "reference_id": "mfsa2023-15", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-15" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-15/", "reference_id": "mfsa2023-15", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T15:50:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-15/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1785", "reference_id": "RHSA-2023:1785", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1785" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1786", "reference_id": "RHSA-2023:1786", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1786" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1787", "reference_id": "RHSA-2023:1787", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1787" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1788", "reference_id": "RHSA-2023:1788", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1788" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1789", "reference_id": "RHSA-2023:1789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1790", "reference_id": "RHSA-2023:1790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1791", "reference_id": "RHSA-2023:1791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1792", "reference_id": "RHSA-2023:1792", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1792" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1802", "reference_id": "RHSA-2023:1802", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1802" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1803", "reference_id": "RHSA-2023:1803", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1803" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1804", "reference_id": "RHSA-2023:1804", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1804" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1805", "reference_id": "RHSA-2023:1805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1806", "reference_id": "RHSA-2023:1806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1809", "reference_id": "RHSA-2023:1809", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1809" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1810", "reference_id": "RHSA-2023:1810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1810" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1811", "reference_id": "RHSA-2023:1811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1811" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1821959", "reference_id": "show_bug.cgi?id=1821959", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T15:50:03Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1821959" }, { "reference_url": "https://usn.ubuntu.com/6010-1/", "reference_id": "USN-6010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6010-1/" }, { "reference_url": "https://usn.ubuntu.com/6015-1/", "reference_id": "USN-6015-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6015-1/" }, { "reference_url": "https://usn.ubuntu.com/6120-1/", "reference_id": "USN-6120-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6120-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4690?format=api", "purl": "pkg:ebuild/www-client/firefox@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@102.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/4691?format=api", "purl": "pkg:ebuild/www-client/firefox@112.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@112.0" } ], "aliases": [ "CVE-2023-29536" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u7xy-htj7-cfcz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/134698?format=api", "vulnerability_id": "VCID-unhm-9kau-juf9", "summary": "While implementing AudioWorklets, some code may have casted one type to another, invalid, dynamic type. This could have led to a potentially exploitable crash. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28162.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28162.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28162", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32227", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28162" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28162", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28162" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28164", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28164" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28176", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28176" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178466", "reference_id": "2178466", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178466" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-09", "reference_id": "mfsa2023-09", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-09" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-09/", "reference_id": "mfsa2023-09", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T15:25:38Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-09/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10", "reference_id": "mfsa2023-10", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-10/", "reference_id": "mfsa2023-10", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T15:25:38Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-10/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11", "reference_id": "mfsa2023-11", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-11/", "reference_id": "mfsa2023-11", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T15:25:38Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-11/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1333", "reference_id": "RHSA-2023:1333", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1333" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1336", "reference_id": "RHSA-2023:1336", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1336" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1337", "reference_id": "RHSA-2023:1337", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1337" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1364", "reference_id": "RHSA-2023:1364", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1364" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1367", "reference_id": "RHSA-2023:1367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1401", "reference_id": "RHSA-2023:1401", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1401" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1402", "reference_id": "RHSA-2023:1402", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1402" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1403", "reference_id": "RHSA-2023:1403", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1403" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1404", "reference_id": "RHSA-2023:1404", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1404" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1407", "reference_id": "RHSA-2023:1407", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1407" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1442", "reference_id": "RHSA-2023:1442", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1442" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1443", "reference_id": "RHSA-2023:1443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1443" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1444", "reference_id": "RHSA-2023:1444", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1444" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1445", "reference_id": "RHSA-2023:1445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1472", "reference_id": "RHSA-2023:1472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1479", "reference_id": "RHSA-2023:1479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1479" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1811327", "reference_id": "show_bug.cgi?id=1811327", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T15:25:38Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1811327" }, { "reference_url": "https://usn.ubuntu.com/5954-1/", "reference_id": "USN-5954-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5954-1/" }, { "reference_url": "https://usn.ubuntu.com/5972-1/", "reference_id": "USN-5972-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5972-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4690?format=api", "purl": "pkg:ebuild/www-client/firefox@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@102.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/4691?format=api", "purl": "pkg:ebuild/www-client/firefox@112.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@112.0" } ], "aliases": [ "CVE-2023-28162" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-unhm-9kau-juf9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/140676?format=api", "vulnerability_id": "VCID-vw9e-8jp4-c7fp", "summary": "An attacker could have caused memory corruption and a potentially exploitable use-after-free of a pointer in a global object's debugger vector. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29543", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54486", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29543" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-13/", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T19:10:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-13/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1816158", "reference_id": "show_bug.cgi?id=1816158", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T19:10:59Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1816158" }, { "reference_url": "https://usn.ubuntu.com/6010-1/", "reference_id": "USN-6010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6010-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4690?format=api", "purl": "pkg:ebuild/www-client/firefox@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@102.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/4691?format=api", "purl": "pkg:ebuild/www-client/firefox@112.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@112.0" } ], "aliases": [ "CVE-2023-29543" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vw9e-8jp4-c7fp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/129058?format=api", "vulnerability_id": "VCID-xwzt-tr6t-zba9", "summary": "A background script invoking <code>requestFullscreen</code> and then blocking the main thread could force the browser into fullscreen mode indefinitely, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25730.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25730.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25730", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28345", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25730" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170375", "reference_id": "2170375", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170375" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-05/", "reference_id": "mfsa2023-05", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T17:32:33Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-05/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-06" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-06/", "reference_id": "mfsa2023-06", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T17:32:33Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-06/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-07" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-07/", "reference_id": "mfsa2023-07", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T17:32:33Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-07/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0805", "reference_id": "RHSA-2023:0805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0806", "reference_id": "RHSA-2023:0806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0807", "reference_id": "RHSA-2023:0807", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0807" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0808", "reference_id": "RHSA-2023:0808", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0808" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0809", "reference_id": "RHSA-2023:0809", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0809" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0810", "reference_id": "RHSA-2023:0810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0810" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0811", "reference_id": "RHSA-2023:0811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0811" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0812", "reference_id": "RHSA-2023:0812", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0812" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0817", "reference_id": "RHSA-2023:0817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0818", "reference_id": "RHSA-2023:0818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0819", "reference_id": "RHSA-2023:0819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0820", "reference_id": "RHSA-2023:0820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0821", "reference_id": "RHSA-2023:0821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0822", "reference_id": "RHSA-2023:0822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0823", "reference_id": "RHSA-2023:0823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0824", "reference_id": "RHSA-2023:0824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0824" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1794622", "reference_id": "show_bug.cgi?id=1794622", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T17:32:33Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1794622" }, { "reference_url": "https://usn.ubuntu.com/5880-1/", "reference_id": "USN-5880-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5880-1/" }, { "reference_url": "https://usn.ubuntu.com/5943-1/", "reference_id": "USN-5943-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5943-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4690?format=api", "purl": "pkg:ebuild/www-client/firefox@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@102.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/4691?format=api", "purl": "pkg:ebuild/www-client/firefox@112.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@112.0" } ], "aliases": [ "CVE-2023-25730" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xwzt-tr6t-zba9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/128932?format=api", "vulnerability_id": "VCID-y581-pn7t-g7cj", "summary": "Sometimes, when invalidating JIT code while following an iterator, the newly generated code could be overwritten incorrectly. This could lead to a potentially exploitable crash. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25751.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25751.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25751", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.29797", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28162", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28162" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28164", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28164" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28176", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28176" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178458", "reference_id": "2178458", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178458" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-09", "reference_id": "mfsa2023-09", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-09" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-09/", "reference_id": "mfsa2023-09", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:09:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-09/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10", "reference_id": "mfsa2023-10", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-10/", "reference_id": "mfsa2023-10", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:09:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-10/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11", "reference_id": "mfsa2023-11", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-11/", "reference_id": "mfsa2023-11", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:09:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-11/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1333", "reference_id": "RHSA-2023:1333", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1333" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1336", "reference_id": "RHSA-2023:1336", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1336" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1337", "reference_id": "RHSA-2023:1337", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1337" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1364", "reference_id": "RHSA-2023:1364", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1364" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1367", "reference_id": "RHSA-2023:1367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1401", "reference_id": "RHSA-2023:1401", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1401" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1402", "reference_id": "RHSA-2023:1402", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1402" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1403", "reference_id": "RHSA-2023:1403", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1403" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1404", "reference_id": "RHSA-2023:1404", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1404" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1407", "reference_id": "RHSA-2023:1407", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1407" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1442", "reference_id": "RHSA-2023:1442", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1442" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1443", "reference_id": "RHSA-2023:1443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1443" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1444", "reference_id": "RHSA-2023:1444", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1444" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1445", "reference_id": "RHSA-2023:1445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1472", "reference_id": "RHSA-2023:1472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1479", "reference_id": "RHSA-2023:1479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1479" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1814899", "reference_id": "show_bug.cgi?id=1814899", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:09:17Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1814899" }, { "reference_url": "https://usn.ubuntu.com/5954-1/", "reference_id": "USN-5954-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5954-1/" }, { "reference_url": "https://usn.ubuntu.com/5972-1/", "reference_id": "USN-5972-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5972-1/" }, { "reference_url": "https://usn.ubuntu.com/6120-1/", "reference_id": "USN-6120-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6120-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4690?format=api", "purl": "pkg:ebuild/www-client/firefox@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@102.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/4691?format=api", "purl": "pkg:ebuild/www-client/firefox@112.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@112.0" } ], "aliases": [ "CVE-2023-25751" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y581-pn7t-g7cj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/129317?format=api", "vulnerability_id": "VCID-yaww-5w4k-xbby", "summary": "Android applications with unpatched vulnerabilities can be launched from a browser using Intents, exposing users to these vulnerabilities. Firefox will now confirm with users that they want to launch an external application before doing so. <br>*This bug only affects Firefox for Android. Other versions of Firefox are unaffected.*. This vulnerability affects Firefox < 111.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25749", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0025", "scoring_system": "epss", "scoring_elements": "0.48515", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25749" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-09", "reference_id": "mfsa2023-09", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-09" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-09/", "reference_id": "mfsa2023-09", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T18:54:51Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-09/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1810705", "reference_id": "show_bug.cgi?id=1810705", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T18:54:51Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1810705" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4690?format=api", "purl": "pkg:ebuild/www-client/firefox@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@102.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/4691?format=api", "purl": "pkg:ebuild/www-client/firefox@112.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@112.0" } ], "aliases": [ "CVE-2023-25749" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yaww-5w4k-xbby" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/140458?format=api", "vulnerability_id": "VCID-yg43-1zhw-hbhh", "summary": "Under certain circumstances, a call to the <code>bind</code> function may have resulted in the incorrect realm. This may have created a vulnerability relating to JavaScript-implemented sandboxes such as SES. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29549", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40394", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29549" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-13" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-13/", "reference_id": "mfsa2023-13", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T19:17:27Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-13/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1823042", "reference_id": "show_bug.cgi?id=1823042", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T19:17:27Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1823042" }, { "reference_url": "https://usn.ubuntu.com/6010-1/", "reference_id": "USN-6010-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6010-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4690?format=api", "purl": "pkg:ebuild/www-client/firefox@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@102.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/4691?format=api", "purl": "pkg:ebuild/www-client/firefox@112.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@112.0" } ], "aliases": [ "CVE-2023-29549" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yg43-1zhw-hbhh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/134633?format=api", "vulnerability_id": "VCID-ztv2-2eb6-1ubm", "summary": "When downloading files through the Save As dialog on Windows with suggested filenames containing environment variable names, Windows would have resolved those in the context of the current user. <br>*This bug only affects Firefox on Windows. Other versions of Firefox are unaffected.*. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28163.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28163.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28163", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33714", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28163" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178468", "reference_id": "2178468", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178468" }, { "reference_url": "https://security.gentoo.org/glsa/202305-35", "reference_id": "GLSA-202305-35", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-35" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-09", "reference_id": "mfsa2023-09", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-09" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-09/", "reference_id": "mfsa2023-09", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:17:13Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-09/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10", "reference_id": "mfsa2023-10", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-10" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-10/", "reference_id": "mfsa2023-10", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:17:13Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-10/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11", "reference_id": "mfsa2023-11", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-11" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2023-11/", "reference_id": "mfsa2023-11", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:17:13Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2023-11/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1817768", "reference_id": "show_bug.cgi?id=1817768", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T15:17:13Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1817768" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4690?format=api", "purl": "pkg:ebuild/www-client/firefox@102.10.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@102.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/4691?format=api", "purl": "pkg:ebuild/www-client/firefox@112.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@112.0" } ], "aliases": [ "CVE-2023-28163" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ztv2-2eb6-1ubm" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@102.10.0" }