Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/582812?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/582812?format=api", "purl": "pkg:deb/debian/firefox@145.0-1?distro=sid", "type": "deb", "namespace": "debian", "name": "firefox", "version": "145.0-1", "qualifiers": { "distro": "sid" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "146.0-1", "latest_non_vulnerable_version": "150.0.2-1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63070?format=api", "vulnerability_id": "VCID-2myh-pg75-1kgb", "summary": "Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability affects Firefox < 145 and Thunderbird < 145.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13025.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13025.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13025", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.0918", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09008", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09029", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09148", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09134", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.0962", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11064", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11258", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11132", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11197", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.1124", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11302", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15865", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15918", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.1598", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15779", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13025" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414088", "reference_id": "2414088", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414088" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-87/", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-12T15:20:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-87/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-90/", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-12T15:20:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-90/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1994022", "reference_id": "show_bug.cgi?id=1994022", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-12T15:20:52Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1994022" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582812?format=api", "purl": "pkg:deb/debian/firefox@145.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@145.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/firefox@150.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1105248?format=api", "purl": "pkg:deb/debian/firefox@150.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid" } ], "aliases": [ "CVE-2025-13025" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2myh-pg75-1kgb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63013?format=api", "vulnerability_id": "VCID-4bw1-v6ze-kbds", "summary": "Mitigation bypass in the DOM: Security component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13018.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13018.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13018", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06945", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06929", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07023", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07013", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07006", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.0734", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10189", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10121", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09971", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10034", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10136", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10112", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10092", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18708", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18762", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18478", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18559", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13018" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13018", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13018" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414079", "reference_id": "2414079", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414079" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-87/", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:10:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-87/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-88", "reference_id": "mfsa2025-88", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-88" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-88/", "reference_id": "mfsa2025-88", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:10:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-88/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-90/", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:10:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-90/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-91", "reference_id": "mfsa2025-91", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-91" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-91/", "reference_id": "mfsa2025-91", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:10:48Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-91/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21120", "reference_id": "RHSA-2025:21120", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21120" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21121", "reference_id": "RHSA-2025:21121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21121" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21280", "reference_id": "RHSA-2025:21280", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21280" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21281", "reference_id": "RHSA-2025:21281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21841", "reference_id": "RHSA-2025:21841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21842", "reference_id": "RHSA-2025:21842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21843", "reference_id": "RHSA-2025:21843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21844", "reference_id": "RHSA-2025:21844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21881", "reference_id": "RHSA-2025:21881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22363", "reference_id": "RHSA-2025:22363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22363" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22367", "reference_id": "RHSA-2025:22367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22368", "reference_id": "RHSA-2025:22368", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22368" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22369", "reference_id": "RHSA-2025:22369", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22369" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22371", "reference_id": "RHSA-2025:22371", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22371" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22372", "reference_id": "RHSA-2025:22372", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22372" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22373", "reference_id": "RHSA-2025:22373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22374", "reference_id": "RHSA-2025:22374", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22374" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22375", "reference_id": "RHSA-2025:22375", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22375" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22449", "reference_id": "RHSA-2025:22449", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22449" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22450", "reference_id": "RHSA-2025:22450", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22450" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22451", "reference_id": "RHSA-2025:22451", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22451" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22791", "reference_id": "RHSA-2025:22791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22792", "reference_id": "RHSA-2025:22792", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22792" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22882", "reference_id": "RHSA-2025:22882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22883", "reference_id": "RHSA-2025:22883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22883" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1984940", "reference_id": "show_bug.cgi?id=1984940", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:10:48Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1984940" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582812?format=api", "purl": "pkg:deb/debian/firefox@145.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@145.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/firefox@150.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1105248?format=api", "purl": "pkg:deb/debian/firefox@150.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid" } ], "aliases": [ "CVE-2025-13018" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4bw1-v6ze-kbds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63014?format=api", "vulnerability_id": "VCID-4kd3-95cm-g3fc", "summary": "Same-origin policy bypass in the DOM: Workers component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13019.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13019.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13019", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06945", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06929", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07023", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07013", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07006", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.0734", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10136", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10189", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10121", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09971", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10034", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10112", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10092", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18708", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18762", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18478", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18559", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13019" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414084", "reference_id": "2414084", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414084" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-87/", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T14:59:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-87/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-88", "reference_id": "mfsa2025-88", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-88" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-88/", "reference_id": "mfsa2025-88", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T14:59:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-88/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-90/", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T14:59:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-90/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-91", "reference_id": "mfsa2025-91", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-91" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-91/", "reference_id": "mfsa2025-91", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T14:59:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-91/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21120", "reference_id": "RHSA-2025:21120", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21120" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21121", "reference_id": "RHSA-2025:21121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21121" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21280", "reference_id": "RHSA-2025:21280", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21280" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21281", "reference_id": "RHSA-2025:21281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21841", "reference_id": "RHSA-2025:21841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21842", "reference_id": "RHSA-2025:21842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21843", "reference_id": "RHSA-2025:21843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21844", "reference_id": "RHSA-2025:21844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21881", "reference_id": "RHSA-2025:21881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22363", "reference_id": "RHSA-2025:22363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22363" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22367", "reference_id": "RHSA-2025:22367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22368", "reference_id": "RHSA-2025:22368", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22368" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22369", "reference_id": "RHSA-2025:22369", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22369" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22371", "reference_id": "RHSA-2025:22371", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22371" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22372", "reference_id": "RHSA-2025:22372", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22372" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22373", "reference_id": "RHSA-2025:22373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22374", "reference_id": "RHSA-2025:22374", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22374" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22375", "reference_id": "RHSA-2025:22375", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22375" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22449", "reference_id": "RHSA-2025:22449", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22449" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22450", "reference_id": "RHSA-2025:22450", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22450" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22451", "reference_id": "RHSA-2025:22451", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22451" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22791", "reference_id": "RHSA-2025:22791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22792", "reference_id": "RHSA-2025:22792", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22792" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22882", "reference_id": "RHSA-2025:22882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22883", "reference_id": "RHSA-2025:22883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22883" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1988412", "reference_id": "show_bug.cgi?id=1988412", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T14:59:56Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1988412" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582812?format=api", "purl": "pkg:deb/debian/firefox@145.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@145.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/firefox@150.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1105248?format=api", "purl": "pkg:deb/debian/firefox@150.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid" } ], "aliases": [ "CVE-2025-13019" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4kd3-95cm-g3fc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63068?format=api", "vulnerability_id": "VCID-66t7-51hw-4yap", "summary": "Sandbox escape due to incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability affects Firefox < 145 and Thunderbird < 145.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13023.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13023.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13023", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16015", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16173", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16134", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16066", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16001", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16866", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18885", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18901", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19009", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18843", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.1872", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18804", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18908", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24182", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24294", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24328", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24116", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13023" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414087", "reference_id": "2414087", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414087" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-87/", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-11-13T15:18:41Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-87/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-90/", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-11-13T15:18:41Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-90/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1992032", "reference_id": "show_bug.cgi?id=1992032", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-11-13T15:18:41Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1992032" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582812?format=api", "purl": "pkg:deb/debian/firefox@145.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@145.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/firefox@150.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1105248?format=api", "purl": "pkg:deb/debian/firefox@150.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid" } ], "aliases": [ "CVE-2025-13023" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-66t7-51hw-4yap" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63069?format=api", "vulnerability_id": "VCID-8v2e-2y19-d3fc", "summary": "JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 145 and Thunderbird < 145.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13024.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13024.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13024", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16015", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16173", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16134", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16066", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16001", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16866", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18885", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18901", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19009", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18843", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.1872", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18804", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18908", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24182", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24294", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24328", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24116", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13024" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414081", "reference_id": "2414081", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414081" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-87/", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-11-13T15:09:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-87/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-90/", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-11-13T15:09:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-90/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1992902", "reference_id": "show_bug.cgi?id=1992902", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-11-13T15:09:23Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1992902" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582812?format=api", "purl": "pkg:deb/debian/firefox@145.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@145.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/firefox@150.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1105248?format=api", "purl": "pkg:deb/debian/firefox@150.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid" } ], "aliases": [ "CVE-2025-13024" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8v2e-2y19-d3fc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63011?format=api", "vulnerability_id": "VCID-962a-dwqf-3ycg", "summary": "Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13016.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13016.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13016", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09765", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09811", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09778", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09736", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09649", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09817", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09885", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14508", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14515", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14709", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14672", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14617", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.1536", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23596", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23702", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23745", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23525", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13016" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13016", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13016" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414083", "reference_id": "2414083", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414083" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-87/", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-13T15:12:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-87/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-88", "reference_id": "mfsa2025-88", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-88" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-88/", "reference_id": "mfsa2025-88", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-13T15:12:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-88/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-90/", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-13T15:12:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-90/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-91", "reference_id": "mfsa2025-91", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-91" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-91/", "reference_id": "mfsa2025-91", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-13T15:12:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-91/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21120", "reference_id": "RHSA-2025:21120", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21120" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21121", "reference_id": "RHSA-2025:21121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21121" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21280", "reference_id": "RHSA-2025:21280", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21280" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21281", "reference_id": "RHSA-2025:21281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21841", "reference_id": "RHSA-2025:21841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21842", "reference_id": "RHSA-2025:21842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21843", "reference_id": "RHSA-2025:21843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21844", "reference_id": "RHSA-2025:21844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21881", "reference_id": "RHSA-2025:21881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22363", "reference_id": "RHSA-2025:22363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22363" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22367", "reference_id": "RHSA-2025:22367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22368", "reference_id": "RHSA-2025:22368", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22368" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22369", "reference_id": "RHSA-2025:22369", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22369" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22371", "reference_id": "RHSA-2025:22371", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22371" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22372", "reference_id": "RHSA-2025:22372", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22372" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22373", "reference_id": "RHSA-2025:22373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22374", "reference_id": "RHSA-2025:22374", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22374" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22375", "reference_id": "RHSA-2025:22375", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22375" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22449", "reference_id": "RHSA-2025:22449", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22449" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22450", "reference_id": "RHSA-2025:22450", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22450" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22451", "reference_id": "RHSA-2025:22451", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22451" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22791", "reference_id": "RHSA-2025:22791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22792", "reference_id": "RHSA-2025:22792", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22792" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22882", "reference_id": "RHSA-2025:22882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22883", "reference_id": "RHSA-2025:22883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22883" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1992130", "reference_id": "show_bug.cgi?id=1992130", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-13T15:12:45Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1992130" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582812?format=api", "purl": "pkg:deb/debian/firefox@145.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@145.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/firefox@150.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1105248?format=api", "purl": "pkg:deb/debian/firefox@150.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid" } ], "aliases": [ "CVE-2025-13016" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-962a-dwqf-3ycg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63072?format=api", "vulnerability_id": "VCID-ccz8-tmpe-wker", "summary": "Memory safety bugs present in Firefox 144 and Thunderbird 144. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13027.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13027.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13027", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13421", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13599", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13562", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13514", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13426", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.1425", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16284", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16288", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16394", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16243", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.1611", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16226", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16332", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24182", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24294", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24328", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24116", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13027" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414095", "reference_id": "2414095", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414095" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1987237%2C1990079%2C1991715%2C1994994", "reference_id": "buglist.cgi?bug_id=1987237%2C1990079%2C1991715%2C1994994", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-13T04:55:42Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1987237%2C1990079%2C1991715%2C1994994" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-87/", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-13T04:55:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-87/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-90/", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-13T04:55:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-90/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582812?format=api", "purl": "pkg:deb/debian/firefox@145.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@145.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/firefox@150.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1105248?format=api", "purl": "pkg:deb/debian/firefox@150.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid" } ], "aliases": [ "CVE-2025-13027" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ccz8-tmpe-wker" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63010?format=api", "vulnerability_id": "VCID-dgwm-n1zx-qkbq", "summary": "Race condition in the Graphics component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, and Thunderbird < 140.5.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13012.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13012.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13012", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09762", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09604", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09632", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09746", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09794", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10314", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16056", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16154", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16051", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.15937", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16094", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16097", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16207", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22148", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.2223", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22319", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22362", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13012" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414086", "reference_id": "2414086", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414086" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-87/", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-13T15:37:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-87/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-88", "reference_id": "mfsa2025-88", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-88" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-88/", "reference_id": "mfsa2025-88", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-13T15:37:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-88/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-89", "reference_id": "mfsa2025-89", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-89" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-89/", "reference_id": "mfsa2025-89", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-13T15:37:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-89/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-90/", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-13T15:37:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-90/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-91", "reference_id": "mfsa2025-91", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-91" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-91/", "reference_id": "mfsa2025-91", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-13T15:37:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-91/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21120", "reference_id": "RHSA-2025:21120", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21120" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21121", "reference_id": "RHSA-2025:21121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21121" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21280", "reference_id": "RHSA-2025:21280", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21280" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21281", "reference_id": "RHSA-2025:21281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21841", "reference_id": "RHSA-2025:21841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21842", "reference_id": "RHSA-2025:21842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21843", "reference_id": "RHSA-2025:21843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21844", "reference_id": "RHSA-2025:21844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21881", "reference_id": "RHSA-2025:21881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22363", "reference_id": "RHSA-2025:22363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22363" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22367", "reference_id": "RHSA-2025:22367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22368", "reference_id": "RHSA-2025:22368", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22368" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22369", "reference_id": "RHSA-2025:22369", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22369" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22371", "reference_id": "RHSA-2025:22371", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22371" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22372", "reference_id": "RHSA-2025:22372", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22372" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22373", "reference_id": "RHSA-2025:22373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22374", "reference_id": "RHSA-2025:22374", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22374" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22375", "reference_id": "RHSA-2025:22375", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22375" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22449", "reference_id": "RHSA-2025:22449", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22449" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22450", "reference_id": "RHSA-2025:22450", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22450" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22451", "reference_id": "RHSA-2025:22451", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22451" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22791", "reference_id": "RHSA-2025:22791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22792", "reference_id": "RHSA-2025:22792", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22792" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22882", "reference_id": "RHSA-2025:22882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22883", "reference_id": "RHSA-2025:22883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22883" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1991458", "reference_id": "show_bug.cgi?id=1991458", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-13T15:37:17Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1991458" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582812?format=api", "purl": "pkg:deb/debian/firefox@145.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@145.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/firefox@150.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1105248?format=api", "purl": "pkg:deb/debian/firefox@150.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid" } ], "aliases": [ "CVE-2025-13012" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dgwm-n1zx-qkbq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63016?format=api", "vulnerability_id": "VCID-e7jk-vs8y-fyhr", "summary": "Use-after-free in the WebRTC: Audio/Video component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13020.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13020.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13020", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10739", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10752", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10935", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10903", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.1088", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11442", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17663", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17548", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17452", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17359", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17494", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17573", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17549", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23702", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23745", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23525", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23596", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13020" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13020", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13020" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414085", "reference_id": "2414085", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414085" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-87/", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T14:56:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-87/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-88", "reference_id": "mfsa2025-88", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-88" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-88/", "reference_id": "mfsa2025-88", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T14:56:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-88/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-90/", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T14:56:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-90/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-91", "reference_id": "mfsa2025-91", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-91" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-91/", "reference_id": "mfsa2025-91", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T14:56:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-91/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21120", "reference_id": "RHSA-2025:21120", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21120" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21121", "reference_id": "RHSA-2025:21121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21121" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21280", "reference_id": "RHSA-2025:21280", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21280" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21281", "reference_id": "RHSA-2025:21281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21841", "reference_id": "RHSA-2025:21841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21842", "reference_id": "RHSA-2025:21842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21843", "reference_id": "RHSA-2025:21843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21844", "reference_id": "RHSA-2025:21844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21881", "reference_id": "RHSA-2025:21881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22363", "reference_id": "RHSA-2025:22363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22363" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22367", "reference_id": "RHSA-2025:22367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22368", "reference_id": "RHSA-2025:22368", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22368" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22369", "reference_id": "RHSA-2025:22369", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22369" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22371", "reference_id": "RHSA-2025:22371", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22371" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22372", "reference_id": "RHSA-2025:22372", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22372" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22373", "reference_id": "RHSA-2025:22373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22374", "reference_id": "RHSA-2025:22374", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22374" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22375", "reference_id": "RHSA-2025:22375", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22375" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22449", "reference_id": "RHSA-2025:22449", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22449" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22450", "reference_id": "RHSA-2025:22450", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22450" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22451", "reference_id": "RHSA-2025:22451", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22451" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22791", "reference_id": "RHSA-2025:22791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22792", "reference_id": "RHSA-2025:22792", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22792" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22882", "reference_id": "RHSA-2025:22882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22883", "reference_id": "RHSA-2025:22883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22883" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1995686", "reference_id": "show_bug.cgi?id=1995686", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T14:56:55Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1995686" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582812?format=api", "purl": "pkg:deb/debian/firefox@145.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@145.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/firefox@150.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1105248?format=api", "purl": "pkg:deb/debian/firefox@150.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid" } ], "aliases": [ "CVE-2025-13020" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e7jk-vs8y-fyhr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63067?format=api", "vulnerability_id": "VCID-hd86-cja2-cud5", "summary": "Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability affects Firefox < 145 and Thunderbird < 145.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13022.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13022.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13022", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16015", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16173", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16134", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16066", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16001", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16866", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18885", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18901", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19009", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18843", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.1872", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18804", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18908", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24182", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24294", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24328", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24116", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13022" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414077", "reference_id": "2414077", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414077" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-87/", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-11-13T15:22:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-87/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-90/", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-11-13T15:22:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-90/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1988488", "reference_id": "show_bug.cgi?id=1988488", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-11-13T15:22:10Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1988488" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582812?format=api", "purl": "pkg:deb/debian/firefox@145.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@145.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/firefox@150.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1105248?format=api", "purl": "pkg:deb/debian/firefox@150.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid" } ], "aliases": [ "CVE-2025-13022" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hd86-cja2-cud5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63019?format=api", "vulnerability_id": "VCID-kdwy-7p45-hbcs", "summary": "Spoofing issue in Firefox. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, and Thunderbird < 140.5.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13015.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13015.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13015", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08124", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08138", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11268", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11227", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.1122", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11159", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11089", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.1128", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11327", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.1334", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13252", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13302", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13908", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28116", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28023", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28159", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27955", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13015" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13015", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13015" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414090", "reference_id": "2414090", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414090" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-87/", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T15:30:38Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-87/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-88", "reference_id": "mfsa2025-88", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-88" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-88/", "reference_id": "mfsa2025-88", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T15:30:38Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-88/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-89", "reference_id": "mfsa2025-89", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-89" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-89/", "reference_id": "mfsa2025-89", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T15:30:38Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-89/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-90/", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T15:30:38Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-90/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-91/", "reference_id": "mfsa2025-91", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T15:30:38Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-91/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21120", "reference_id": "RHSA-2025:21120", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21120" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21121", "reference_id": "RHSA-2025:21121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21121" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21280", "reference_id": "RHSA-2025:21280", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21280" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21281", "reference_id": "RHSA-2025:21281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21841", "reference_id": "RHSA-2025:21841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21842", "reference_id": "RHSA-2025:21842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21843", "reference_id": "RHSA-2025:21843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21844", "reference_id": "RHSA-2025:21844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21881", "reference_id": "RHSA-2025:21881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22363", "reference_id": "RHSA-2025:22363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22363" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22367", "reference_id": "RHSA-2025:22367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22368", "reference_id": "RHSA-2025:22368", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22368" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22369", "reference_id": "RHSA-2025:22369", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22369" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22371", "reference_id": "RHSA-2025:22371", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22371" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22372", "reference_id": "RHSA-2025:22372", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22372" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22373", "reference_id": "RHSA-2025:22373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22374", "reference_id": "RHSA-2025:22374", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22374" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22375", "reference_id": "RHSA-2025:22375", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22375" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22449", "reference_id": "RHSA-2025:22449", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22449" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22450", "reference_id": "RHSA-2025:22450", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22450" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22451", "reference_id": "RHSA-2025:22451", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22451" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22791", "reference_id": "RHSA-2025:22791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22792", "reference_id": "RHSA-2025:22792", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22792" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22882", "reference_id": "RHSA-2025:22882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22883", "reference_id": "RHSA-2025:22883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22883" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1994164", "reference_id": "show_bug.cgi?id=1994164", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T15:30:38Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1994164" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582812?format=api", "purl": "pkg:deb/debian/firefox@145.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@145.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/firefox@150.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1105248?format=api", "purl": "pkg:deb/debian/firefox@150.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid" } ], "aliases": [ "CVE-2025-13015" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kdwy-7p45-hbcs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63017?format=api", "vulnerability_id": "VCID-qgvy-hzsx-hkge", "summary": "Use-after-free in the Audio/Video component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, and Thunderbird < 140.5.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13014.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13014.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13014", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13292", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13254", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13205", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13112", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13848", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20527", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20524", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20543", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20457", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20386", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20492", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.2064", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.265", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26456", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26344", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26276", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13014" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13014", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13014" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414080", "reference_id": "2414080", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414080" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-87/", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:33:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-87/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-88", "reference_id": "mfsa2025-88", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-88" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-88/", "reference_id": "mfsa2025-88", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:33:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-88/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-89", "reference_id": "mfsa2025-89", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-89" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-89/", "reference_id": "mfsa2025-89", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:33:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-89/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-90/", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:33:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-90/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-91", "reference_id": "mfsa2025-91", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-91" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-91/", "reference_id": "mfsa2025-91", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:33:45Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-91/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21120", "reference_id": "RHSA-2025:21120", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21120" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21121", "reference_id": "RHSA-2025:21121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21121" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21280", "reference_id": "RHSA-2025:21280", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21280" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21281", "reference_id": "RHSA-2025:21281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21841", "reference_id": "RHSA-2025:21841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21842", "reference_id": "RHSA-2025:21842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21843", "reference_id": "RHSA-2025:21843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21844", "reference_id": "RHSA-2025:21844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21881", "reference_id": "RHSA-2025:21881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22363", "reference_id": "RHSA-2025:22363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22363" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22367", "reference_id": "RHSA-2025:22367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22368", "reference_id": "RHSA-2025:22368", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22368" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22369", "reference_id": "RHSA-2025:22369", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22369" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22371", "reference_id": "RHSA-2025:22371", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22371" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22372", "reference_id": "RHSA-2025:22372", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22372" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22373", "reference_id": "RHSA-2025:22373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22374", "reference_id": "RHSA-2025:22374", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22374" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22375", "reference_id": "RHSA-2025:22375", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22375" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22449", "reference_id": "RHSA-2025:22449", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22449" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22450", "reference_id": "RHSA-2025:22450", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22450" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22451", "reference_id": "RHSA-2025:22451", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22451" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22791", "reference_id": "RHSA-2025:22791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22792", "reference_id": "RHSA-2025:22792", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22792" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22882", "reference_id": "RHSA-2025:22882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22883", "reference_id": "RHSA-2025:22883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22883" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1994241", "reference_id": "show_bug.cgi?id=1994241", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:33:45Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1994241" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582812?format=api", "purl": "pkg:deb/debian/firefox@145.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@145.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/firefox@150.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1105248?format=api", "purl": "pkg:deb/debian/firefox@150.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid" } ], "aliases": [ "CVE-2025-13014" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qgvy-hzsx-hkge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63071?format=api", "vulnerability_id": "VCID-uhcz-v63r-m3ft", "summary": "Sandbox escape due to incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability affects Firefox < 145 and Thunderbird < 145.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13026.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13026.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13026", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16015", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16173", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16134", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16066", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16001", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16866", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18885", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18901", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19009", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18843", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.1872", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18804", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18908", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24182", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24294", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24328", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24116", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13026" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414082", "reference_id": "2414082", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414082" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-87/", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:17:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-87/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-90/", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:17:23Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-90/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1994441", "reference_id": "show_bug.cgi?id=1994441", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:17:23Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1994441" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582812?format=api", "purl": "pkg:deb/debian/firefox@145.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@145.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/firefox@150.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1105248?format=api", "purl": "pkg:deb/debian/firefox@150.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid" } ], "aliases": [ "CVE-2025-13026" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uhcz-v63r-m3ft" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63015?format=api", "vulnerability_id": "VCID-ukut-zyjx-93gq", "summary": "Mitigation bypass in the DOM: Core & HTML component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Firefox ESR < 115.30, Thunderbird < 145, and Thunderbird < 140.5.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13013.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13013.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13013", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12141", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.11977", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.1198", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12109", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12178", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12681", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16841", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16933", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16826", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16709", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16891", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16907", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17003", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26086", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26153", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26272", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26314", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13013" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13013", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13013" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414091", "reference_id": "2414091", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414091" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-87/", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T15:35:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-87/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-88", "reference_id": "mfsa2025-88", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-88" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-88/", "reference_id": "mfsa2025-88", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T15:35:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-88/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-89", "reference_id": "mfsa2025-89", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-89" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-89/", "reference_id": "mfsa2025-89", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T15:35:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-89/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-90/", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T15:35:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-90/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-91", "reference_id": "mfsa2025-91", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-91" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-91/", "reference_id": "mfsa2025-91", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T15:35:19Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-91/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21120", "reference_id": "RHSA-2025:21120", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21120" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21121", "reference_id": "RHSA-2025:21121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21121" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21280", "reference_id": "RHSA-2025:21280", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21280" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21281", "reference_id": "RHSA-2025:21281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21841", "reference_id": "RHSA-2025:21841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21842", "reference_id": "RHSA-2025:21842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21843", "reference_id": "RHSA-2025:21843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21844", "reference_id": "RHSA-2025:21844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21881", "reference_id": "RHSA-2025:21881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22363", "reference_id": "RHSA-2025:22363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22363" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22367", "reference_id": "RHSA-2025:22367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22368", "reference_id": "RHSA-2025:22368", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22368" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22369", "reference_id": "RHSA-2025:22369", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22369" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22371", "reference_id": "RHSA-2025:22371", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22371" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22372", "reference_id": "RHSA-2025:22372", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22372" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22373", "reference_id": "RHSA-2025:22373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22374", "reference_id": "RHSA-2025:22374", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22374" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22375", "reference_id": "RHSA-2025:22375", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22375" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22449", "reference_id": "RHSA-2025:22449", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22449" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22450", "reference_id": "RHSA-2025:22450", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22450" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22451", "reference_id": "RHSA-2025:22451", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22451" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22791", "reference_id": "RHSA-2025:22791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22792", "reference_id": "RHSA-2025:22792", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22792" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22882", "reference_id": "RHSA-2025:22882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22883", "reference_id": "RHSA-2025:22883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22883" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1991945", "reference_id": "show_bug.cgi?id=1991945", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T15:35:19Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1991945" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582812?format=api", "purl": "pkg:deb/debian/firefox@145.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@145.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/firefox@150.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1105248?format=api", "purl": "pkg:deb/debian/firefox@150.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid" } ], "aliases": [ "CVE-2025-13013" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ukut-zyjx-93gq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63012?format=api", "vulnerability_id": "VCID-wz6r-xzm9-m7hp", "summary": "Same-origin policy bypass in the DOM: Notifications component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13017.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13017.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13017", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06945", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06929", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07023", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07013", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07006", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.0734", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10189", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10121", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09971", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10034", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10136", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10112", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10092", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18708", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18762", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18478", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18559", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13017" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414092", "reference_id": "2414092", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414092" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-87/", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:14:51Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-87/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-88", "reference_id": "mfsa2025-88", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-88" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-88/", "reference_id": "mfsa2025-88", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:14:51Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-88/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-90/", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:14:51Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-90/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-91", "reference_id": "mfsa2025-91", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-91" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-91/", "reference_id": "mfsa2025-91", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:14:51Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-91/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21120", "reference_id": "RHSA-2025:21120", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21120" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21121", "reference_id": "RHSA-2025:21121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21121" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21280", "reference_id": "RHSA-2025:21280", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21280" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21281", "reference_id": "RHSA-2025:21281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21841", "reference_id": "RHSA-2025:21841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21842", "reference_id": "RHSA-2025:21842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21843", "reference_id": "RHSA-2025:21843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21844", "reference_id": "RHSA-2025:21844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21881", "reference_id": "RHSA-2025:21881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22363", "reference_id": "RHSA-2025:22363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22363" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22367", "reference_id": "RHSA-2025:22367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22368", "reference_id": "RHSA-2025:22368", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22368" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22369", "reference_id": "RHSA-2025:22369", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22369" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22371", "reference_id": "RHSA-2025:22371", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22371" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22372", "reference_id": "RHSA-2025:22372", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22372" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22373", "reference_id": "RHSA-2025:22373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22374", "reference_id": "RHSA-2025:22374", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22374" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22375", "reference_id": "RHSA-2025:22375", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22375" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22449", "reference_id": "RHSA-2025:22449", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22449" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22450", "reference_id": "RHSA-2025:22450", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22450" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22451", "reference_id": "RHSA-2025:22451", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22451" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22791", "reference_id": "RHSA-2025:22791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22792", "reference_id": "RHSA-2025:22792", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22792" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22882", "reference_id": "RHSA-2025:22882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22883", "reference_id": "RHSA-2025:22883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22883" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1980904", "reference_id": "show_bug.cgi?id=1980904", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-12T15:14:51Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1980904" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582812?format=api", "purl": "pkg:deb/debian/firefox@145.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@145.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/firefox@150.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1105248?format=api", "purl": "pkg:deb/debian/firefox@150.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid" } ], "aliases": [ "CVE-2025-13017" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wz6r-xzm9-m7hp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63066?format=api", "vulnerability_id": "VCID-xcze-cha6-3qcd", "summary": "Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability affects Firefox < 145 and Thunderbird < 145.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13021.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13021.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13021", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16015", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16173", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16134", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16066", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16001", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16866", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18885", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18901", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19009", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18843", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.1872", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18804", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18908", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24182", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24294", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24328", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24116", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13021" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414075", "reference_id": "2414075", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414075" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-87" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-87/", "reference_id": "mfsa2025-87", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-11-13T15:25:13Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-87/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-90" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-90/", "reference_id": "mfsa2025-90", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-11-13T15:25:13Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-90/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1986431", "reference_id": "show_bug.cgi?id=1986431", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-11-13T15:25:13Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1986431" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582812?format=api", "purl": "pkg:deb/debian/firefox@145.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@145.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api", "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api", "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api", "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/firefox@150.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1105248?format=api", "purl": "pkg:deb/debian/firefox@150.0.2-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.2-1%3Fdistro=sid" } ], "aliases": [ "CVE-2025-13021" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xcze-cha6-3qcd" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@145.0-1%3Fdistro=sid" }