Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/firefox@138.0-1?distro=sid

Type deb

Namespace debian

Name firefox

Version 138.0-1

Qualifiers

distro	sid

Subpath

Is_vulnerable false

Next_non_vulnerable_version 138.0.4-1

Latest_non_vulnerable_version 150.0.1-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-as4y-nhw6-akfx

vulnerability_id VCID-as4y-nhw6-akfx

summary A vulnerability was identified in Thunderbird where XPath parsing could trigger undefined behavior due to missing null checks during attribute access. This could lead to out-of-bounds read access and potentially, memory corruption.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4087.json

reference_id

reference_type

scores

value	7.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4087.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-4087

reference_id

reference_type

scores

value	0.00436
scoring_system	epss
scoring_elements	0.63084
published_at	2026-05-07T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.63043
published_at	2026-04-09T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.63046
published_at	2026-04-21T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.63011
published_at	2026-04-04T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.62976
published_at	2026-04-07T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.63027
published_at	2026-04-08T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.6306
published_at	2026-04-11T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.62982
published_at	2026-04-02T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.63037
published_at	2026-05-05T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.6308
published_at	2026-04-29T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.63081
published_at	2026-04-26T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.63067
published_at	2026-04-24T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.63068
published_at	2026-04-18T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.63061
published_at	2026-04-16T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.63024
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-4087

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4087
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4087

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2362904
reference_id	2362904
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2362904

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-28

reference_id

mfsa2025-28

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-28

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-28/

reference_id

mfsa2025-28

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-29T15:51:33Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-28/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-29

reference_id

mfsa2025-29

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-29

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-29/

reference_id

mfsa2025-29

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-29T15:51:33Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-29/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-31

reference_id

mfsa2025-31

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-31

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-31/

reference_id

mfsa2025-31

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-29T15:51:33Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-31/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-32

reference_id

mfsa2025-32

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-32

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-32/

reference_id

mfsa2025-32

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-29T15:51:33Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-32/

reference_url	https://access.redhat.com/errata/RHSA-2025:4443
reference_id	RHSA-2025:4443
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4443

reference_url	https://access.redhat.com/errata/RHSA-2025:4458
reference_id	RHSA-2025:4458
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4458

reference_url	https://access.redhat.com/errata/RHSA-2025:4460
reference_id	RHSA-2025:4460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4460

reference_url	https://access.redhat.com/errata/RHSA-2025:4751
reference_id	RHSA-2025:4751
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4751

reference_url	https://access.redhat.com/errata/RHSA-2025:4752
reference_id	RHSA-2025:4752
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4752

reference_url	https://access.redhat.com/errata/RHSA-2025:4753
reference_id	RHSA-2025:4753
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4753

reference_url	https://access.redhat.com/errata/RHSA-2025:4756
reference_id	RHSA-2025:4756
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4756

reference_url	https://access.redhat.com/errata/RHSA-2025:4797
reference_id	RHSA-2025:4797
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4797

reference_url	https://access.redhat.com/errata/RHSA-2025:7428
reference_id	RHSA-2025:7428
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7428

reference_url	https://access.redhat.com/errata/RHSA-2025:7506
reference_id	RHSA-2025:7506
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7506

reference_url	https://access.redhat.com/errata/RHSA-2025:7507
reference_id	RHSA-2025:7507
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7507

reference_url	https://access.redhat.com/errata/RHSA-2025:7543
reference_id	RHSA-2025:7543
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7543

reference_url	https://access.redhat.com/errata/RHSA-2025:7544
reference_id	RHSA-2025:7544
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7544

reference_url	https://access.redhat.com/errata/RHSA-2025:7545
reference_id	RHSA-2025:7545
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7545

reference_url	https://access.redhat.com/errata/RHSA-2025:7547
reference_id	RHSA-2025:7547
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7547

reference_url	https://access.redhat.com/errata/RHSA-2025:7689
reference_id	RHSA-2025:7689
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7689

reference_url	https://access.redhat.com/errata/RHSA-2025:7690
reference_id	RHSA-2025:7690
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7690

reference_url	https://access.redhat.com/errata/RHSA-2025:7691
reference_id	RHSA-2025:7691
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7691

reference_url	https://access.redhat.com/errata/RHSA-2025:7692
reference_id	RHSA-2025:7692
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7692

reference_url	https://access.redhat.com/errata/RHSA-2025:7693
reference_id	RHSA-2025:7693
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7693

reference_url	https://access.redhat.com/errata/RHSA-2025:7694
reference_id	RHSA-2025:7694
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7694

reference_url	https://access.redhat.com/errata/RHSA-2025:7695
reference_id	RHSA-2025:7695
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7695

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1952465

reference_id

show_bug.cgi?id=1952465

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-29T15:51:33Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1952465

reference_url	https://usn.ubuntu.com/7663-1/
reference_id	USN-7663-1
reference_type
scores
url	https://usn.ubuntu.com/7663-1/

fixed_packages

url	pkg:deb/debian/firefox@150.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@150.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@138.0-1?distro=sid
purl	pkg:deb/debian/firefox@138.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@138.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0.1-1?distro=sid
purl	pkg:deb/debian/firefox@150.0.1-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid

aliases CVE-2025-4087

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-as4y-nhw6-akfx

url VCID-b3rg-quvp-2uha

vulnerability_id VCID-b3rg-quvp-2uha

summary A process isolation vulnerability in Firefox stemmed from improper handling of javascript: URIs, which could allow content to execute in the top-level document's process instead of the intended frame, potentially enabling a sandbox escape.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4083.json

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4083.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-4083

reference_id

reference_type

scores

value	0.00406
scoring_system	epss
scoring_elements	0.61092
published_at	2026-05-07T12:55:00Z

value	0.00406
scoring_system	epss
scoring_elements	0.61043
published_at	2026-05-05T12:55:00Z

value	0.00406
scoring_system	epss
scoring_elements	0.61017
published_at	2026-04-07T12:55:00Z

value	0.00406
scoring_system	epss
scoring_elements	0.61089
published_at	2026-04-24T12:55:00Z

value	0.00406
scoring_system	epss
scoring_elements	0.61102
published_at	2026-04-26T12:55:00Z

value	0.00406
scoring_system	epss
scoring_elements	0.61081
published_at	2026-04-09T12:55:00Z

value	0.00406
scoring_system	epss
scoring_elements	0.61065
published_at	2026-04-08T12:55:00Z

value	0.00406
scoring_system	epss
scoring_elements	0.61052
published_at	2026-04-04T12:55:00Z

value	0.00406
scoring_system	epss
scoring_elements	0.61023
published_at	2026-04-02T12:55:00Z

value	0.00406
scoring_system	epss
scoring_elements	0.61095
published_at	2026-04-29T12:55:00Z

value	0.00406
scoring_system	epss
scoring_elements	0.61101
published_at	2026-04-21T12:55:00Z

value	0.00406
scoring_system	epss
scoring_elements	0.61118
published_at	2026-04-18T12:55:00Z

value	0.00406
scoring_system	epss
scoring_elements	0.61111
published_at	2026-04-16T12:55:00Z

value	0.00406
scoring_system	epss
scoring_elements	0.61069
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-4083

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4083
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4083

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2362907
reference_id	2362907
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2362907

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-28

reference_id

mfsa2025-28

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-28

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-28/

reference_id

mfsa2025-28

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-30T13:43:47Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-28/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-29

reference_id

mfsa2025-29

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-29

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-29/

reference_id

mfsa2025-29

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-30T13:43:47Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-29/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-30

reference_id

mfsa2025-30

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-30

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-30/

reference_id

mfsa2025-30

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-30T13:43:47Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-30/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-31

reference_id

mfsa2025-31

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-31

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-31/

reference_id

mfsa2025-31

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-30T13:43:47Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-31/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-32

reference_id

mfsa2025-32

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-32

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-32/

reference_id

mfsa2025-32

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-30T13:43:47Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-32/

reference_url	https://access.redhat.com/errata/RHSA-2025:4443
reference_id	RHSA-2025:4443
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4443

reference_url	https://access.redhat.com/errata/RHSA-2025:4458
reference_id	RHSA-2025:4458
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4458

reference_url	https://access.redhat.com/errata/RHSA-2025:4460
reference_id	RHSA-2025:4460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4460

reference_url	https://access.redhat.com/errata/RHSA-2025:4751
reference_id	RHSA-2025:4751
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4751

reference_url	https://access.redhat.com/errata/RHSA-2025:4752
reference_id	RHSA-2025:4752
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4752

reference_url	https://access.redhat.com/errata/RHSA-2025:4753
reference_id	RHSA-2025:4753
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4753

reference_url	https://access.redhat.com/errata/RHSA-2025:4756
reference_id	RHSA-2025:4756
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4756

reference_url	https://access.redhat.com/errata/RHSA-2025:4797
reference_id	RHSA-2025:4797
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4797

reference_url	https://access.redhat.com/errata/RHSA-2025:7428
reference_id	RHSA-2025:7428
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7428

reference_url	https://access.redhat.com/errata/RHSA-2025:7506
reference_id	RHSA-2025:7506
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7506

reference_url	https://access.redhat.com/errata/RHSA-2025:7507
reference_id	RHSA-2025:7507
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7507

reference_url	https://access.redhat.com/errata/RHSA-2025:7543
reference_id	RHSA-2025:7543
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7543

reference_url	https://access.redhat.com/errata/RHSA-2025:7544
reference_id	RHSA-2025:7544
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7544

reference_url	https://access.redhat.com/errata/RHSA-2025:7545
reference_id	RHSA-2025:7545
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7545

reference_url	https://access.redhat.com/errata/RHSA-2025:7547
reference_id	RHSA-2025:7547
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7547

reference_url	https://access.redhat.com/errata/RHSA-2025:7689
reference_id	RHSA-2025:7689
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7689

reference_url	https://access.redhat.com/errata/RHSA-2025:7690
reference_id	RHSA-2025:7690
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7690

reference_url	https://access.redhat.com/errata/RHSA-2025:7691
reference_id	RHSA-2025:7691
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7691

reference_url	https://access.redhat.com/errata/RHSA-2025:7692
reference_id	RHSA-2025:7692
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7692

reference_url	https://access.redhat.com/errata/RHSA-2025:7693
reference_id	RHSA-2025:7693
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7693

reference_url	https://access.redhat.com/errata/RHSA-2025:7694
reference_id	RHSA-2025:7694
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7694

reference_url	https://access.redhat.com/errata/RHSA-2025:7695
reference_id	RHSA-2025:7695
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7695

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1958350

reference_id

show_bug.cgi?id=1958350

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-30T13:43:47Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1958350

reference_url	https://usn.ubuntu.com/7663-1/
reference_id	USN-7663-1
reference_type
scores
url	https://usn.ubuntu.com/7663-1/

fixed_packages

url	pkg:deb/debian/firefox@150.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@150.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@138.0-1?distro=sid
purl	pkg:deb/debian/firefox@138.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@138.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0.1-1?distro=sid
purl	pkg:deb/debian/firefox@150.0.1-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid

aliases CVE-2025-4083

risk_score 4.1

exploitability 0.5

weighted_severity 8.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b3rg-quvp-2uha

url VCID-f5dq-hbnp-c7b2

vulnerability_id VCID-f5dq-hbnp-c7b2

summary An attacker with control over a content process could potentially leverage the privileged UITour actor to leak sensitive information or escalate privileges.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4085.json

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4085.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-4085

reference_id

reference_type

scores

value	0.00188
scoring_system	epss
scoring_elements	0.40322
published_at	2026-05-07T12:55:00Z

value	0.00188
scoring_system	epss
scoring_elements	0.40673
published_at	2026-04-12T12:55:00Z

value	0.00188
scoring_system	epss
scoring_elements	0.40655
published_at	2026-04-13T12:55:00Z

value	0.00188
scoring_system	epss
scoring_elements	0.40699
published_at	2026-04-16T12:55:00Z

value	0.00188
scoring_system	epss
scoring_elements	0.40669
published_at	2026-04-18T12:55:00Z

value	0.00188
scoring_system	epss
scoring_elements	0.40591
published_at	2026-04-21T12:55:00Z

value	0.00188
scoring_system	epss
scoring_elements	0.4049
published_at	2026-04-24T12:55:00Z

value	0.00188
scoring_system	epss
scoring_elements	0.40476
published_at	2026-04-26T12:55:00Z

value	0.00188
scoring_system	epss
scoring_elements	0.40393
published_at	2026-04-29T12:55:00Z

value	0.00188
scoring_system	epss
scoring_elements	0.40254
published_at	2026-05-05T12:55:00Z

value	0.00188
scoring_system	epss
scoring_elements	0.4068
published_at	2026-04-02T12:55:00Z

value	0.00188
scoring_system	epss
scoring_elements	0.40709
published_at	2026-04-04T12:55:00Z

value	0.00188
scoring_system	epss
scoring_elements	0.40631
published_at	2026-04-07T12:55:00Z

value	0.00188
scoring_system	epss
scoring_elements	0.40681
published_at	2026-04-08T12:55:00Z

value	0.00188
scoring_system	epss
scoring_elements	0.4069
published_at	2026-04-09T12:55:00Z

value	0.00188
scoring_system	epss
scoring_elements	0.40708
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-4085

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2362905
reference_id	2362905
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2362905

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-28

reference_id

mfsa2025-28

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-28

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-28/

reference_id

mfsa2025-28

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:31Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-28/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-31

reference_id

mfsa2025-31

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-31

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-31/

reference_id

mfsa2025-31

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:31Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-31/

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1915280

reference_id

show_bug.cgi?id=1915280

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:31Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1915280

reference_url	https://usn.ubuntu.com/7991-1/
reference_id	USN-7991-1
reference_type
scores
url	https://usn.ubuntu.com/7991-1/

fixed_packages

url	pkg:deb/debian/firefox@150.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@150.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@138.0-1?distro=sid
purl	pkg:deb/debian/firefox@138.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@138.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0.1-1?distro=sid
purl	pkg:deb/debian/firefox@150.0.1-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid

aliases CVE-2025-4085

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f5dq-hbnp-c7b2

url VCID-gjz8-f5gu-17f6

vulnerability_id VCID-gjz8-f5gu-17f6

summary A security vulnerability in Thunderbird allowed malicious sites to use redirects to send credentialed requests to arbitrary endpoints on any site that had invoked the Storage Access API. This enabled potential Cross-Site Request Forgery attacks across origins.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4088.json

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4088.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-4088

reference_id

reference_type

scores

value	0.00116
scoring_system	epss
scoring_elements	0.29882
published_at	2026-05-07T12:55:00Z

value	0.00116
scoring_system	epss
scoring_elements	0.30297
published_at	2026-04-12T12:55:00Z

value	0.00116
scoring_system	epss
scoring_elements	0.30249
published_at	2026-04-13T12:55:00Z

value	0.00116
scoring_system	epss
scoring_elements	0.30264
published_at	2026-04-16T12:55:00Z

value	0.00116
scoring_system	epss
scoring_elements	0.30246
published_at	2026-04-18T12:55:00Z

value	0.00116
scoring_system	epss
scoring_elements	0.30201
published_at	2026-04-21T12:55:00Z

value	0.00116
scoring_system	epss
scoring_elements	0.30137
published_at	2026-04-24T12:55:00Z

value	0.00116
scoring_system	epss
scoring_elements	0.30022
published_at	2026-04-26T12:55:00Z

value	0.00116
scoring_system	epss
scoring_elements	0.29946
published_at	2026-04-29T12:55:00Z

value	0.00116
scoring_system	epss
scoring_elements	0.29812
published_at	2026-05-05T12:55:00Z

value	0.00116
scoring_system	epss
scoring_elements	0.30384
published_at	2026-04-02T12:55:00Z

value	0.00116
scoring_system	epss
scoring_elements	0.3043
published_at	2026-04-04T12:55:00Z

value	0.00116
scoring_system	epss
scoring_elements	0.30242
published_at	2026-04-07T12:55:00Z

value	0.00116
scoring_system	epss
scoring_elements	0.30302
published_at	2026-04-08T12:55:00Z

value	0.00116
scoring_system	epss
scoring_elements	0.30337
published_at	2026-04-09T12:55:00Z

value	0.00116
scoring_system	epss
scoring_elements	0.30341
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-4088

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2362908
reference_id	2362908
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2362908

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-28

reference_id

mfsa2025-28

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-28

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-28/

reference_id

mfsa2025-28

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-29T15:47:16Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-28/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-31

reference_id

mfsa2025-31

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-31

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-31/

reference_id

mfsa2025-31

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-29T15:47:16Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-31/

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1953521

reference_id

show_bug.cgi?id=1953521

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-29T15:47:16Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1953521

reference_url	https://usn.ubuntu.com/7991-1/
reference_id	USN-7991-1
reference_type
scores
url	https://usn.ubuntu.com/7991-1/

fixed_packages

url	pkg:deb/debian/firefox@150.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@150.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@138.0-1?distro=sid
purl	pkg:deb/debian/firefox@138.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@138.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0.1-1?distro=sid
purl	pkg:deb/debian/firefox@150.0.1-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid

aliases CVE-2025-4088

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gjz8-f5gu-17f6

url VCID-gph4-xa9p-73fr

vulnerability_id VCID-gph4-xa9p-73fr

summary Memory safety bugs present in Firefox 137, Thunderbird 137, Firefox ESR 128.9, and Thunderbird 128.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4091.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4091.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-4091

reference_id

reference_type

scores

value	0.00436
scoring_system	epss
scoring_elements	0.63054
published_at	2026-05-07T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.63032
published_at	2026-04-11T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.62983
published_at	2026-04-04T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.62947
published_at	2026-04-07T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.62998
published_at	2026-04-08T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.63015
published_at	2026-04-09T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.63018
published_at	2026-04-12T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.62954
published_at	2026-04-02T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.63008
published_at	2026-05-05T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.63052
published_at	2026-04-29T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.63053
published_at	2026-04-26T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.63038
published_at	2026-04-24T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.63019
published_at	2026-04-21T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.6304
published_at	2026-04-18T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.63033
published_at	2026-04-16T12:55:00Z

value	0.00436
scoring_system	epss
scoring_elements	0.62996
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-4091

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4091
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4091

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2362912
reference_id	2362912
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2362912

reference_url

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1951161%2C1952105

reference_id

buglist.cgi?bug_id=1951161%2C1952105

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-29T15:36:41Z/

url

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1951161%2C1952105

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-28

reference_id

mfsa2025-28

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-28

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-28/

reference_id

mfsa2025-28

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-29T15:36:41Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-28/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-29

reference_id

mfsa2025-29

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-29

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-29/

reference_id

mfsa2025-29

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-29T15:36:41Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-29/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-31

reference_id

mfsa2025-31

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-31

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-31/

reference_id

mfsa2025-31

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-29T15:36:41Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-31/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-32

reference_id

mfsa2025-32

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-32

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-32/

reference_id

mfsa2025-32

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-29T15:36:41Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-32/

reference_url	https://access.redhat.com/errata/RHSA-2025:4443
reference_id	RHSA-2025:4443
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4443

reference_url	https://access.redhat.com/errata/RHSA-2025:4458
reference_id	RHSA-2025:4458
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4458

reference_url	https://access.redhat.com/errata/RHSA-2025:4460
reference_id	RHSA-2025:4460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4460

reference_url	https://access.redhat.com/errata/RHSA-2025:4751
reference_id	RHSA-2025:4751
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4751

reference_url	https://access.redhat.com/errata/RHSA-2025:4752
reference_id	RHSA-2025:4752
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4752

reference_url	https://access.redhat.com/errata/RHSA-2025:4753
reference_id	RHSA-2025:4753
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4753

reference_url	https://access.redhat.com/errata/RHSA-2025:4756
reference_id	RHSA-2025:4756
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4756

reference_url	https://access.redhat.com/errata/RHSA-2025:4797
reference_id	RHSA-2025:4797
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4797

reference_url	https://access.redhat.com/errata/RHSA-2025:7428
reference_id	RHSA-2025:7428
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7428

reference_url	https://access.redhat.com/errata/RHSA-2025:7506
reference_id	RHSA-2025:7506
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7506

reference_url	https://access.redhat.com/errata/RHSA-2025:7507
reference_id	RHSA-2025:7507
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7507

reference_url	https://access.redhat.com/errata/RHSA-2025:7543
reference_id	RHSA-2025:7543
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7543

reference_url	https://access.redhat.com/errata/RHSA-2025:7544
reference_id	RHSA-2025:7544
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7544

reference_url	https://access.redhat.com/errata/RHSA-2025:7545
reference_id	RHSA-2025:7545
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7545

reference_url	https://access.redhat.com/errata/RHSA-2025:7547
reference_id	RHSA-2025:7547
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7547

reference_url	https://access.redhat.com/errata/RHSA-2025:7689
reference_id	RHSA-2025:7689
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7689

reference_url	https://access.redhat.com/errata/RHSA-2025:7690
reference_id	RHSA-2025:7690
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7690

reference_url	https://access.redhat.com/errata/RHSA-2025:7691
reference_id	RHSA-2025:7691
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7691

reference_url	https://access.redhat.com/errata/RHSA-2025:7692
reference_id	RHSA-2025:7692
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7692

reference_url	https://access.redhat.com/errata/RHSA-2025:7693
reference_id	RHSA-2025:7693
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7693

reference_url	https://access.redhat.com/errata/RHSA-2025:7694
reference_id	RHSA-2025:7694
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7694

reference_url	https://access.redhat.com/errata/RHSA-2025:7695
reference_id	RHSA-2025:7695
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7695

reference_url	https://usn.ubuntu.com/7663-1/
reference_id	USN-7663-1
reference_type
scores
url	https://usn.ubuntu.com/7663-1/

fixed_packages

url	pkg:deb/debian/firefox@150.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@150.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@138.0-1?distro=sid
purl	pkg:deb/debian/firefox@138.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@138.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0.1-1?distro=sid
purl	pkg:deb/debian/firefox@150.0.1-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid

aliases CVE-2025-4091

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gph4-xa9p-73fr

url VCID-w4tg-7jjp-sker

vulnerability_id VCID-w4tg-7jjp-sker

summary Memory safety bugs present in Firefox 137 and Thunderbird 137. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4092.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4092.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-4092

reference_id

reference_type

scores

value	0.00282
scoring_system	epss
scoring_elements	0.51508
published_at	2026-05-07T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51599
published_at	2026-04-11T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51578
published_at	2026-04-12T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51567
published_at	2026-04-13T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51608
published_at	2026-04-16T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51616
published_at	2026-04-18T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51595
published_at	2026-04-21T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51549
published_at	2026-04-24T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51515
published_at	2026-04-29T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51459
published_at	2026-05-05T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51517
published_at	2026-04-02T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51544
published_at	2026-04-04T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51504
published_at	2026-04-07T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51558
published_at	2026-04-08T12:55:00Z

value	0.00282
scoring_system	epss
scoring_elements	0.51555
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-4092

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2362909
reference_id	2362909
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2362909

reference_url

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1924108%2C1950780%2C1959367

reference_id

buglist.cgi?bug_id=1924108%2C1950780%2C1959367

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-29T15:33:34Z/

url

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1924108%2C1950780%2C1959367

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-28

reference_id

mfsa2025-28

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-28

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-28/

reference_id

mfsa2025-28

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-29T15:33:34Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-28/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-31

reference_id

mfsa2025-31

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-31

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-31/

reference_id

mfsa2025-31

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-29T15:33:34Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-31/

reference_url	https://usn.ubuntu.com/7991-1/
reference_id	USN-7991-1
reference_type
scores
url	https://usn.ubuntu.com/7991-1/

fixed_packages

url	pkg:deb/debian/firefox@150.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@150.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@138.0-1?distro=sid
purl	pkg:deb/debian/firefox@138.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@138.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0.1-1?distro=sid
purl	pkg:deb/debian/firefox@150.0.1-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid

aliases CVE-2025-4092

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w4tg-7jjp-sker

url VCID-wsjn-nkrs-vkgw

vulnerability_id VCID-wsjn-nkrs-vkgw

summary Due to insufficient escaping of special characters in the "copy as cURL" feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4089.json

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4089.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-4089

reference_id

reference_type

scores

value	0.00068
scoring_system	epss
scoring_elements	0.20609
published_at	2026-05-07T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.20882
published_at	2026-04-12T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.20831
published_at	2026-04-13T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.20822
published_at	2026-04-16T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.20814
published_at	2026-04-18T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.20797
published_at	2026-04-21T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.20678
published_at	2026-04-24T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.20674
published_at	2026-04-26T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.20641
published_at	2026-04-29T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.20538
published_at	2026-05-05T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.20999
published_at	2026-04-02T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.21056
published_at	2026-04-04T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.2077
published_at	2026-04-07T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.20849
published_at	2026-04-08T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.20911
published_at	2026-04-09T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.20926
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-4089

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2362910
reference_id	2362910
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2362910

reference_url

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1949994%2C1956698%2C1960198

reference_id

buglist.cgi?bug_id=1949994%2C1956698%2C1960198

reference_type

scores

value	5.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:33Z/

url

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1949994%2C1956698%2C1960198

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-28

reference_id

mfsa2025-28

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-28

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-28/

reference_id

mfsa2025-28

reference_type

scores

value	5.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:33Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-28/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-31

reference_id

mfsa2025-31

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-31

reference_url

https://www.mozilla.org/security/advisories/mfsa2025-31/

reference_id

mfsa2025-31

reference_type

scores

value	5.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T03:56:33Z/

url

https://www.mozilla.org/security/advisories/mfsa2025-31/

reference_url	https://usn.ubuntu.com/7991-1/
reference_id	USN-7991-1
reference_type
scores
url	https://usn.ubuntu.com/7991-1/

fixed_packages

url	pkg:deb/debian/firefox@150.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@150.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@138.0-1?distro=sid
purl	pkg:deb/debian/firefox@138.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@138.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0-1?distro=sid
purl	pkg:deb/debian/firefox@149.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@149.0.2-1?distro=sid
purl	pkg:deb/debian/firefox@149.0.2-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0-1?distro=sid
purl	pkg:deb/debian/firefox@150.0-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid

url	pkg:deb/debian/firefox@150.0.1-1?distro=sid
purl	pkg:deb/debian/firefox@150.0.1-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid

aliases CVE-2025-4089

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wsjn-nkrs-vkgw

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@138.0-1%3Fdistro=sid

Package Instance