{"url":"http://public2.vulnerablecode.io/api/packages/524180?format=json","purl":"pkg:apk/alpine/firefox-esr@115.2.1-r0?arch=x86&distroversion=v3.20&reponame=community","type":"apk","namespace":"alpine","name":"firefox-esr","version":"115.2.1-r0","qualifiers":{"arch":"x86","distroversion":"v3.20","reponame":"community"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"115.3.0-r0","latest_non_vulnerable_version":"115.17.0-r0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/18987?format=json","vulnerability_id":"VCID-vdzj-kqfy-d3b7","summary":"libwebp: OOB write in BuildHuffmanTable\nHeap buffer overflow in libwebp allow a remote attacker to perform an out of bounds memory write via a crafted HTML page.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4863.json","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4863.json"},{"reference_url":"https://adamcaudill.com/2023/09/14/whose-cve-is-it-anyway","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://adamcaudill.com/2023/09/14/whose-cve-is-it-anyway"},{"reference_url":"https://adamcaudill.com/2023/09/14/whose-cve-is-it-anyway/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://adamcaudill.com/2023/09/14/whose-cve-is-it-anyway/"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4863","reference_id":"","reference_type":"","scores":[{"value":"0.93606","scoring_system":"epss","scoring_elements":"0.99836","published_at":"2026-04-13T12:55:00Z"},{"value":"0.93606","scoring_system":"epss","scoring_elements":"0.99837","published_at":"2026-04-18T12:55:00Z"},{"value":"0.93606","scoring_system":"epss","scoring_elements":"0.99835","published_at":"2026-04-07T12:55:00Z"},{"value":"0.94083","scoring_system":"epss","scoring_elements":"0.99907","published_at":"2026-04-29T12:55:00Z"},{"value":"0.94083","scoring_system":"epss","scoring_elements":"0.99905","published_at":"2026-04-12T12:55:00Z"},{"value":"0.94117","scoring_system":"epss","scoring_elements":"0.99909","published_at":"2026-04-04T12:55:00Z"},{"value":"0.94117","scoring_system":"epss","scoring_elements":"0.9991","published_at":"2026-04-02T12:55:00Z"},{"value":"0.94117","scoring_system":"epss","scoring_elements":"0.99911","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4863"},{"reference_url":"https://blog.isosceles.com/the-webp-0day","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://blog.isosceles.com/the-webp-0day"},{"reference_url":"https://bugzilla.suse.com/show_bug.cgi?id=1215231","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://bugzilla.suse.com/show_bug.cgi?id=1215231"},{"reference_url":"https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_11.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_11.html"},{"reference_url":"https://crbug.com/1479274","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://crbug.com/1479274"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4863","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4863"},{"reference_url":"https://en.bandisoft.com/honeyview/history","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://en.bandisoft.com/honeyview/history"},{"reference_url":"https://en.bandisoft.com/honeyview/history/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://en.bandisoft.com/honeyview/history/"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/dlemstra/Magick.NET/releases/tag/13.3.0","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dlemstra/Magick.NET/releases/tag/13.3.0"},{"reference_url":"https://github.com/electron/electron/pull/39823","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/pull/39823"},{"reference_url":"https://github.com/electron/electron/pull/39825","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/pull/39825"},{"reference_url":"https://github.com/electron/electron/pull/39826","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/pull/39826"},{"reference_url":"https://github.com/electron/electron/pull/39827","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/pull/39827"},{"reference_url":"https://github.com/electron/electron/pull/39828","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/electron/electron/pull/39828"},{"reference_url":"https://github.com/ImageMagick/ImageMagick/discussions/6664","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/ImageMagick/ImageMagick/discussions/6664"},{"reference_url":"https://github.com/jaredforth/webp/commit/9d4c56e63abecc777df71c702503c3eaabd7dcbc","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jaredforth/webp/commit/9d4c56e63abecc777df71c702503c3eaabd7dcbc"},{"reference_url":"https://github.com/jaredforth/webp/pull/30","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jaredforth/webp/pull/30"},{"reference_url":"https://github.com/python-pillow/Pillow/pull/7395","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/python-pillow/Pillow/pull/7395"},{"reference_url":"https://github.com/qnighy/libwebp-sys2-rs/commit/4560c473a76ec8bd8c650f19ddf9d7a44f719f8b","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/qnighy/libwebp-sys2-rs/commit/4560c473a76ec8bd8c650f19ddf9d7a44f719f8b"},{"reference_url":"https://github.com/qnighy/libwebp-sys2-rs/pull/21","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/qnighy/libwebp-sys2-rs/pull/21"},{"reference_url":"https://github.com/webmproject/libwebp","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/webmproject/libwebp"},{"reference_url":"https://github.com/webmproject/libwebp/commit/902bc9190331343b2017211debcec8d2ab87e17a","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://github.com/webmproject/libwebp/commit/902bc9190331343b2017211debcec8d2ab87e17a"},{"reference_url":"https://github.com/webmproject/libwebp/releases/tag/v1.3.2","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://github.com/webmproject/libwebp/releases/tag/v1.3.2"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00015.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00015.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00016.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00016.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00017.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00017.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FYYKLG6CRGEDTNRBSU26EEWAO6D6U645","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FYYKLG6CRGEDTNRBSU26EEWAO6D6U645"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FYYKLG6CRGEDTNRBSU26EEWAO6D6U645/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FYYKLG6CRGEDTNRBSU26EEWAO6D6U645/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OZDGWWMJREPAGKWCJKSCM4WYLANSKIFX","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OZDGWWMJREPAGKWCJKSCM4WYLANSKIFX"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OZDGWWMJREPAGKWCJKSCM4WYLANSKIFX/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OZDGWWMJREPAGKWCJKSCM4WYLANSKIFX/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PYZV7TMKF4QHZ54SFJX54BDN52VHGGCX","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PYZV7TMKF4QHZ54SFJX54BDN52VHGGCX"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PYZV7TMKF4QHZ54SFJX54BDN52VHGGCX/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PYZV7TMKF4QHZ54SFJX54BDN52VHGGCX/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHOLML7N2G5KCAZXFWC5IDFFHSQS5SDB","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHOLML7N2G5KCAZXFWC5IDFFHSQS5SDB"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHOLML7N2G5KCAZXFWC5IDFFHSQS5SDB/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHOLML7N2G5KCAZXFWC5IDFFHSQS5SDB/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I"},{"reference_url":"https://news.ycombinator.com/item?id=37478403","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://news.ycombinator.com/item?id=37478403"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-4863","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-4863"},{"reference_url":"https://pillow.readthedocs.io/en/stable/releasenotes/10.0.1.html#security","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://pillow.readthedocs.io/en/stable/releasenotes/10.0.1.html#security"},{"reference_url":"https://rustsec.org/advisories/RUSTSEC-2023-0060.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://rustsec.org/advisories/RUSTSEC-2023-0060.html"},{"reference_url":"https://rustsec.org/advisories/RUSTSEC-2023-0061.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://rustsec.org/advisories/RUSTSEC-2023-0061.html"},{"reference_url":"https://security.gentoo.org/glsa/202309-05","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://security.gentoo.org/glsa/202309-05"},{"reference_url":"https://security.gentoo.org/glsa/202401-10","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://security.gentoo.org/glsa/202401-10"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230929-0011","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20230929-0011"},{"reference_url":"https://sethmlarson.dev/security-developer-in-residence-weekly-report-16","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://sethmlarson.dev/security-developer-in-residence-weekly-report-16"},{"reference_url":"https://stackdiary.com/critical-vulnerability-in-webp-codec-cve-2023-4863","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://stackdiary.com/critical-vulnerability-in-webp-codec-cve-2023-4863"},{"reference_url":"https://stackdiary.com/critical-vulnerability-in-webp-codec-cve-2023-4863/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://stackdiary.com/critical-vulnerability-in-webp-codec-cve-2023-4863/"},{"reference_url":"https://www.bentley.com/advisories/be-2023-0001","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.bentley.com/advisories/be-2023-0001"},{"reference_url":"https://www.bleepingcomputer.com/news/google/google-fixes-another-chrome-zero-day-bug-exploited-in-attacks","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.bleepingcomputer.com/news/google/google-fixes-another-chrome-zero-day-bug-exploited-in-attacks"},{"reference_url":"https://www.bleepingcomputer.com/news/google/google-fixes-another-chrome-zero-day-bug-exploited-in-attacks/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://www.bleepingcomputer.com/news/google/google-fixes-another-chrome-zero-day-bug-exploited-in-attacks/"},{"reference_url":"https://www.debian.org/security/2023/dsa-5496","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://www.debian.org/security/2023/dsa-5496"},{"reference_url":"https://www.debian.org/security/2023/dsa-5497","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://www.debian.org/security/2023/dsa-5497"},{"reference_url":"https://www.debian.org/security/2023/dsa-5498","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://www.debian.org/security/2023/dsa-5498"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-40","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"critical","scoring_system":"generic_textual","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-40"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-40/","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-40/"},{"reference_url":"https://www.vicarius.io/vsociety/posts/zero-day-webp-vulnerability-cve-2023-4863","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.vicarius.io/vsociety/posts/zero-day-webp-vulnerability-cve-2023-4863"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/21/4","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/21/4"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/22/1","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/22/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/22/3","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/22/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/22/4","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/22/4"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/22/5","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/22/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/22/6","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/22/6"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/22/7","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/22/7"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/22/8","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/22/8"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/26/1","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/26/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/26/7","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/26/7"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/28/1","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/28/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/28/2","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/28/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/28/4","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/28/4"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051787","reference_id":"1051787","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051787"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2238431","reference_id":"2238431","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2238431"},{"reference_url":"https://www.bentley.com/advisories/be-2023-0001/","reference_id":"be-2023-0001","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://www.bentley.com/advisories/be-2023-0001/"},{"reference_url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4863","reference_id":"CVE-2023-4863","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4863"},{"reference_url":"https://security-tracker.debian.org/tracker/CVE-2023-4863","reference_id":"CVE-2023-4863","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://security-tracker.debian.org/tracker/CVE-2023-4863"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3/","reference_id":"KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230929-0011/","reference_id":"ntap-20230929-0011","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-28T05:00:18Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230929-0011/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5183","reference_id":"RHSA-2023:5183","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5183"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5184","reference_id":"RHSA-2023:5184","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5184"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5185","reference_id":"RHSA-2023:5185","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5185"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5186","reference_id":"RHSA-2023:5186","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5186"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5187","reference_id":"RHSA-2023:5187","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5187"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5188","reference_id":"RHSA-2023:5188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5189","reference_id":"RHSA-2023:5189","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5189"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5190","reference_id":"RHSA-2023:5190","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5190"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5191","reference_id":"RHSA-2023:5191","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5191"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5192","reference_id":"RHSA-2023:5192","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5192"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5197","reference_id":"RHSA-2023:5197","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5197"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5198","reference_id":"RHSA-2023:5198","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5198"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5200","reference_id":"RHSA-2023:5200","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5200"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5201","reference_id":"RHSA-2023:5201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5202","reference_id":"RHSA-2023:5202","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5202"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5204","reference_id":"RHSA-2023:5204","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5204"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5205","reference_id":"RHSA-2023:5205","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5205"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5214","reference_id":"RHSA-2023:5214","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5214"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5222","reference_id":"RHSA-2023:5222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5223","reference_id":"RHSA-2023:5223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5224","reference_id":"RHSA-2023:5224","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5224"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5236","reference_id":"RHSA-2023:5236","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5236"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5309","reference_id":"RHSA-2023:5309","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5309"},{"reference_url":"https://usn.ubuntu.com/6367-1/","reference_id":"USN-6367-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6367-1/"},{"reference_url":"https://usn.ubuntu.com/6368-1/","reference_id":"USN-6368-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6368-1/"},{"reference_url":"https://usn.ubuntu.com/6369-1/","reference_id":"USN-6369-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6369-1/"},{"reference_url":"https://usn.ubuntu.com/6369-2/","reference_id":"USN-6369-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6369-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/524180?format=json","purl":"pkg:apk/alpine/firefox-esr@115.2.1-r0?arch=x86&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@115.2.1-r0%3Farch=x86&distroversion=v3.20&reponame=community"}],"aliases":["CVE-2023-4863","GHSA-j7hp-h8jx-5ppr"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vdzj-kqfy-d3b7"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@115.2.1-r0%3Farch=x86&distroversion=v3.20&reponame=community"}