Package Instance

reference_id

dsa-5561

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-25T19:19:02Z/

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-49

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

reference_id

mfsa2023-49

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-49

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-49/

reference_id

mfsa2023-49

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-25T19:19:02Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-49/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-50

reference_id

mfsa2023-50

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-50

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-50/

reference_id

mfsa2023-50

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-25T19:19:02Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-50/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-52

reference_id

mfsa2023-52

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-52

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-52/

reference_id

mfsa2023-52

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-25T19:19:02Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-52/

reference_url

https://lists.debian.org/debian-lts-announce/2023/11/msg00017.html

reference_id

msg00017.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-25T19:19:02Z/

url

https://lists.debian.org/debian-lts-announce/2023/11/msg00017.html

reference_url

https://lists.debian.org/debian-lts-announce/2023/11/msg00030.html

reference_id

msg00030.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-25T19:19:02Z/

url

https://lists.debian.org/debian-lts-announce/2023/11/msg00030.html

reference_url	https://access.redhat.com/errata/RHSA-2023:7499
reference_id	RHSA-2023:7499
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7499

reference_url	https://access.redhat.com/errata/RHSA-2023:7500
reference_id	RHSA-2023:7500
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7500

reference_url	https://access.redhat.com/errata/RHSA-2023:7501
reference_id	RHSA-2023:7501
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7501

reference_url	https://access.redhat.com/errata/RHSA-2023:7502
reference_id	RHSA-2023:7502
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7502

reference_url	https://access.redhat.com/errata/RHSA-2023:7503
reference_id	RHSA-2023:7503
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7503

reference_url	https://access.redhat.com/errata/RHSA-2023:7504
reference_id	RHSA-2023:7504
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7504

reference_url	https://access.redhat.com/errata/RHSA-2023:7505
reference_id	RHSA-2023:7505
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7505

reference_url	https://access.redhat.com/errata/RHSA-2023:7506
reference_id	RHSA-2023:7506
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7506

reference_url	https://access.redhat.com/errata/RHSA-2023:7507
reference_id	RHSA-2023:7507
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7507

reference_url	https://access.redhat.com/errata/RHSA-2023:7508
reference_id	RHSA-2023:7508
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7508

reference_url	https://access.redhat.com/errata/RHSA-2023:7509
reference_id	RHSA-2023:7509
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7509

reference_url	https://access.redhat.com/errata/RHSA-2023:7510
reference_id	RHSA-2023:7510
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7510

reference_url	https://access.redhat.com/errata/RHSA-2023:7511
reference_id	RHSA-2023:7511
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7511

reference_url	https://access.redhat.com/errata/RHSA-2023:7512
reference_id	RHSA-2023:7512
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7512

reference_url	https://access.redhat.com/errata/RHSA-2023:7547
reference_id	RHSA-2023:7547
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7547

reference_url	https://access.redhat.com/errata/RHSA-2023:7569
reference_id	RHSA-2023:7569
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7569

reference_url	https://access.redhat.com/errata/RHSA-2023:7570
reference_id	RHSA-2023:7570
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7570

reference_url	https://access.redhat.com/errata/RHSA-2023:7573
reference_id	RHSA-2023:7573
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7573

reference_url	https://access.redhat.com/errata/RHSA-2023:7574
reference_id	RHSA-2023:7574
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7574

reference_url	https://access.redhat.com/errata/RHSA-2023:7577
reference_id	RHSA-2023:7577
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7577

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1854076

reference_id

show_bug.cgi?id=1854076

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-25T19:19:02Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1854076

reference_url	https://usn.ubuntu.com/6509-1/
reference_id	USN-6509-1
reference_type
scores
url	https://usn.ubuntu.com/6509-1/

reference_url	https://usn.ubuntu.com/6515-1/
reference_id	USN-6515-1
reference_type
scores
url	https://usn.ubuntu.com/6515-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-6205

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1hrm-k4f9-c3dq

url VCID-1xzb-e8as-yqfb

vulnerability_id VCID-1xzb-e8as-yqfb

summary A phishing site could have repurposed an `about:` dialog to show phishing content with an incorrect origin in the address bar. This vulnerability affects Firefox < 122 and Thunderbird < 115.7.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0749.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0749.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-0749

reference_id

reference_type

scores

value	0.00338
scoring_system	epss
scoring_elements	0.57056
published_at	2026-06-12T12:55:00Z

value	0.00338
scoring_system	epss
scoring_elements	0.56937
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-0749

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0741
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0741

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0742
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0742

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0746
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0746

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0747
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0747

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0749
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0749

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0750
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0750

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0751
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0751

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0753
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0753

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0755
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0755

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2259930
reference_id	2259930
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2259930

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url	https://security.gentoo.org/glsa/202402-26
reference_id	GLSA-202402-26
reference_type
scores
url	https://security.gentoo.org/glsa/202402-26

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-01

reference_id

mfsa2024-01

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-01

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-01/

reference_id

mfsa2024-01

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-29T19:41:27Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-01/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-04

reference_id

mfsa2024-04

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-04

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-04/

reference_id

mfsa2024-04

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-29T19:41:27Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-04/

reference_url

https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html

reference_id

msg00015.html

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-29T19:41:27Z/

url

https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html

reference_id

msg00022.html

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-29T19:41:27Z/

url

https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html

reference_url	https://access.redhat.com/errata/RHSA-2024:0559
reference_id	RHSA-2024:0559
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0559

reference_url	https://access.redhat.com/errata/RHSA-2024:0565
reference_id	RHSA-2024:0565
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0565

reference_url	https://access.redhat.com/errata/RHSA-2024:0596
reference_id	RHSA-2024:0596
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0596

reference_url	https://access.redhat.com/errata/RHSA-2024:0598
reference_id	RHSA-2024:0598
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0598

reference_url	https://access.redhat.com/errata/RHSA-2024:0600
reference_id	RHSA-2024:0600
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0600

reference_url	https://access.redhat.com/errata/RHSA-2024:0601
reference_id	RHSA-2024:0601
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0601

reference_url	https://access.redhat.com/errata/RHSA-2024:0602
reference_id	RHSA-2024:0602
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0602

reference_url	https://access.redhat.com/errata/RHSA-2024:0603
reference_id	RHSA-2024:0603
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0603

reference_url	https://access.redhat.com/errata/RHSA-2024:0604
reference_id	RHSA-2024:0604
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0604

reference_url	https://access.redhat.com/errata/RHSA-2024:0605
reference_id	RHSA-2024:0605
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0605

reference_url	https://access.redhat.com/errata/RHSA-2024:0608
reference_id	RHSA-2024:0608
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0608

reference_url	https://access.redhat.com/errata/RHSA-2024:0609
reference_id	RHSA-2024:0609
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0609

reference_url	https://access.redhat.com/errata/RHSA-2024:0615
reference_id	RHSA-2024:0615
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0615

reference_url	https://access.redhat.com/errata/RHSA-2024:0616
reference_id	RHSA-2024:0616
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0616

reference_url	https://access.redhat.com/errata/RHSA-2024:0618
reference_id	RHSA-2024:0618
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0618

reference_url	https://access.redhat.com/errata/RHSA-2024:0619
reference_id	RHSA-2024:0619
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0619

reference_url	https://access.redhat.com/errata/RHSA-2024:0622
reference_id	RHSA-2024:0622
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0622

reference_url	https://access.redhat.com/errata/RHSA-2024:0623
reference_id	RHSA-2024:0623
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0623

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1813463

reference_id

show_bug.cgi?id=1813463

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-29T19:41:27Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1813463

reference_url	https://usn.ubuntu.com/6610-1/
reference_id	USN-6610-1
reference_type
scores
url	https://usn.ubuntu.com/6610-1/

reference_url	https://usn.ubuntu.com/6669-1/
reference_id	USN-6669-1
reference_type
scores
url	https://usn.ubuntu.com/6669-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2024-0749

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1xzb-e8as-yqfb

url VCID-22y5-qnrx-nye4

vulnerability_id VCID-22y5-qnrx-nye4

summary Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6209.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6209.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-6209

reference_id

reference_type

scores

value	0.00378
scoring_system	epss
scoring_elements	0.59736
published_at	2026-06-11T12:55:00Z

value	0.00378
scoring_system	epss
scoring_elements	0.59844
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-6209

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6204
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6204

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6205
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6205

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6206
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6206

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6207
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6207

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6208
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6208

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6209
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6209

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6212
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6212

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2250901
reference_id	2250901
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2250901

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-49

reference_id

mfsa2023-49

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-49

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-50

reference_id

mfsa2023-50

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-50

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-52

reference_id

mfsa2023-52

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-52

reference_url	https://access.redhat.com/errata/RHSA-2023:7499
reference_id	RHSA-2023:7499
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7499

reference_url	https://access.redhat.com/errata/RHSA-2023:7500
reference_id	RHSA-2023:7500
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7500

reference_url	https://access.redhat.com/errata/RHSA-2023:7501
reference_id	RHSA-2023:7501
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7501

reference_url	https://access.redhat.com/errata/RHSA-2023:7502
reference_id	RHSA-2023:7502
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7502

reference_url	https://access.redhat.com/errata/RHSA-2023:7503
reference_id	RHSA-2023:7503
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7503

reference_url	https://access.redhat.com/errata/RHSA-2023:7504
reference_id	RHSA-2023:7504
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7504

reference_url	https://access.redhat.com/errata/RHSA-2023:7505
reference_id	RHSA-2023:7505
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7505

reference_url	https://access.redhat.com/errata/RHSA-2023:7506
reference_id	RHSA-2023:7506
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7506

reference_url	https://access.redhat.com/errata/RHSA-2023:7507
reference_id	RHSA-2023:7507
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7507

reference_url	https://access.redhat.com/errata/RHSA-2023:7508
reference_id	RHSA-2023:7508
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7508

reference_url	https://access.redhat.com/errata/RHSA-2023:7509
reference_id	RHSA-2023:7509
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7509

reference_url	https://access.redhat.com/errata/RHSA-2023:7510
reference_id	RHSA-2023:7510
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7510

reference_url	https://access.redhat.com/errata/RHSA-2023:7511
reference_id	RHSA-2023:7511
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7511

reference_url	https://access.redhat.com/errata/RHSA-2023:7512
reference_id	RHSA-2023:7512
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7512

reference_url	https://access.redhat.com/errata/RHSA-2023:7547
reference_id	RHSA-2023:7547
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7547

reference_url	https://access.redhat.com/errata/RHSA-2023:7569
reference_id	RHSA-2023:7569
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7569

reference_url	https://access.redhat.com/errata/RHSA-2023:7570
reference_id	RHSA-2023:7570
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7570

reference_url	https://access.redhat.com/errata/RHSA-2023:7573
reference_id	RHSA-2023:7573
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7573

reference_url	https://access.redhat.com/errata/RHSA-2023:7574
reference_id	RHSA-2023:7574
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7574

reference_url	https://access.redhat.com/errata/RHSA-2023:7577
reference_id	RHSA-2023:7577
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7577

reference_url	https://usn.ubuntu.com/6509-1/
reference_id	USN-6509-1
reference_type
scores
url	https://usn.ubuntu.com/6509-1/

reference_url	https://usn.ubuntu.com/6515-1/
reference_id	USN-6515-1
reference_type
scores
url	https://usn.ubuntu.com/6515-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-6209

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-22y5-qnrx-nye4

url VCID-2521-mfj6-p7av

vulnerability_id VCID-2521-mfj6-p7av

summary In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0753.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0753.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-0753

reference_id

reference_type

scores

value	0.00327
scoring_system	epss
scoring_elements	0.56136
published_at	2026-06-12T12:55:00Z

value	0.00327
scoring_system	epss
scoring_elements	0.56016
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-0753

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0741
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0741

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0742
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0742

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0746
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0746

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0747
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0747

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0749
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0749

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0750
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0750

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0751
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0751

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0753
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0753

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0755
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0755

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2259933
reference_id	2259933
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2259933

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url	https://security.gentoo.org/glsa/202402-26
reference_id	GLSA-202402-26
reference_type
scores
url	https://security.gentoo.org/glsa/202402-26

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-01

reference_id

mfsa2024-01

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-01

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-01/

reference_id

mfsa2024-01

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:35:23Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-01/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-02

reference_id

mfsa2024-02

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-02

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-02/

reference_id

mfsa2024-02

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:35:23Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-02/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-04

reference_id

mfsa2024-04

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-04

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-04/

reference_id

mfsa2024-04

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:35:23Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-04/

reference_url

https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html

reference_id

msg00015.html

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:35:23Z/

url

https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html

reference_id

msg00022.html

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:35:23Z/

url

https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html

reference_url	https://access.redhat.com/errata/RHSA-2024:0559
reference_id	RHSA-2024:0559
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0559

reference_url	https://access.redhat.com/errata/RHSA-2024:0565
reference_id	RHSA-2024:0565
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0565

reference_url	https://access.redhat.com/errata/RHSA-2024:0596
reference_id	RHSA-2024:0596
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0596

reference_url	https://access.redhat.com/errata/RHSA-2024:0598
reference_id	RHSA-2024:0598
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0598

reference_url	https://access.redhat.com/errata/RHSA-2024:0600
reference_id	RHSA-2024:0600
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0600

reference_url	https://access.redhat.com/errata/RHSA-2024:0601
reference_id	RHSA-2024:0601
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0601

reference_url	https://access.redhat.com/errata/RHSA-2024:0602
reference_id	RHSA-2024:0602
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0602

reference_url	https://access.redhat.com/errata/RHSA-2024:0603
reference_id	RHSA-2024:0603
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0603

reference_url	https://access.redhat.com/errata/RHSA-2024:0604
reference_id	RHSA-2024:0604
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0604

reference_url	https://access.redhat.com/errata/RHSA-2024:0605
reference_id	RHSA-2024:0605
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0605

reference_url	https://access.redhat.com/errata/RHSA-2024:0608
reference_id	RHSA-2024:0608
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0608

reference_url	https://access.redhat.com/errata/RHSA-2024:0609
reference_id	RHSA-2024:0609
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0609

reference_url	https://access.redhat.com/errata/RHSA-2024:0615
reference_id	RHSA-2024:0615
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0615

reference_url	https://access.redhat.com/errata/RHSA-2024:0616
reference_id	RHSA-2024:0616
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0616

reference_url	https://access.redhat.com/errata/RHSA-2024:0618
reference_id	RHSA-2024:0618
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0618

reference_url	https://access.redhat.com/errata/RHSA-2024:0619
reference_id	RHSA-2024:0619
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0619

reference_url	https://access.redhat.com/errata/RHSA-2024:0622
reference_id	RHSA-2024:0622
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0622

reference_url	https://access.redhat.com/errata/RHSA-2024:0623
reference_id	RHSA-2024:0623
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0623

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1870262

reference_id

show_bug.cgi?id=1870262

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:35:23Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1870262

reference_url	https://usn.ubuntu.com/6610-1/
reference_id	USN-6610-1
reference_type
scores
url	https://usn.ubuntu.com/6610-1/

reference_url	https://usn.ubuntu.com/6669-1/
reference_id	USN-6669-1
reference_type
scores
url	https://usn.ubuntu.com/6669-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2024-0753

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2521-mfj6-p7av

url VCID-25up-n1fr-jkat

vulnerability_id VCID-25up-n1fr-jkat

summary Memory safety bugs present in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0755.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0755.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-0755

reference_id

reference_type

scores

value	0.00646
scoring_system	epss
scoring_elements	0.71286
published_at	2026-06-12T12:55:00Z

value	0.00646
scoring_system	epss
scoring_elements	0.71196
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-0755

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0741
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0741

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0742
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0742

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0746
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0746

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0747
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0747

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0749
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0749

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0750
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0750

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0751
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0751

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0753
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0753

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0755
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0755

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2259934
reference_id	2259934
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2259934

reference_url

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1868456%2C1871445%2C1873701

reference_id

buglist.cgi?bug_id=1868456%2C1871445%2C1873701

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-06T05:00:17Z/

url

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1868456%2C1871445%2C1873701

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url	https://security.gentoo.org/glsa/202402-26
reference_id	GLSA-202402-26
reference_type
scores
url	https://security.gentoo.org/glsa/202402-26

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-01

reference_id

mfsa2024-01

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-01

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-01/

reference_id

mfsa2024-01

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-06T05:00:17Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-01/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-02

reference_id

mfsa2024-02

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-02

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-02/

reference_id

mfsa2024-02

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-06T05:00:17Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-02/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-04

reference_id

mfsa2024-04

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-04

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-04/

reference_id

mfsa2024-04

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-06T05:00:17Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-04/

reference_url

https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html

reference_id

msg00015.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-06T05:00:17Z/

url

https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html

reference_id

msg00022.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-06T05:00:17Z/

url

https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html

reference_url	https://access.redhat.com/errata/RHSA-2024:0559
reference_id	RHSA-2024:0559
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0559

reference_url	https://access.redhat.com/errata/RHSA-2024:0565
reference_id	RHSA-2024:0565
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0565

reference_url	https://access.redhat.com/errata/RHSA-2024:0596
reference_id	RHSA-2024:0596
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0596

reference_url	https://access.redhat.com/errata/RHSA-2024:0598
reference_id	RHSA-2024:0598
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0598

reference_url	https://access.redhat.com/errata/RHSA-2024:0600
reference_id	RHSA-2024:0600
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0600

reference_url	https://access.redhat.com/errata/RHSA-2024:0601
reference_id	RHSA-2024:0601
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0601

reference_url	https://access.redhat.com/errata/RHSA-2024:0602
reference_id	RHSA-2024:0602
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0602

reference_url	https://access.redhat.com/errata/RHSA-2024:0603
reference_id	RHSA-2024:0603
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0603

reference_url	https://access.redhat.com/errata/RHSA-2024:0604
reference_id	RHSA-2024:0604
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0604

reference_url	https://access.redhat.com/errata/RHSA-2024:0605
reference_id	RHSA-2024:0605
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0605

reference_url	https://access.redhat.com/errata/RHSA-2024:0608
reference_id	RHSA-2024:0608
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0608

reference_url	https://access.redhat.com/errata/RHSA-2024:0609
reference_id	RHSA-2024:0609
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0609

reference_url	https://access.redhat.com/errata/RHSA-2024:0615
reference_id	RHSA-2024:0615
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0615

reference_url	https://access.redhat.com/errata/RHSA-2024:0616
reference_id	RHSA-2024:0616
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0616

reference_url	https://access.redhat.com/errata/RHSA-2024:0618
reference_id	RHSA-2024:0618
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0618

reference_url	https://access.redhat.com/errata/RHSA-2024:0619
reference_id	RHSA-2024:0619
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0619

reference_url	https://access.redhat.com/errata/RHSA-2024:0622
reference_id	RHSA-2024:0622
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0622

reference_url	https://access.redhat.com/errata/RHSA-2024:0623
reference_id	RHSA-2024:0623
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0623

reference_url	https://usn.ubuntu.com/6610-1/
reference_id	USN-6610-1
reference_type
scores
url	https://usn.ubuntu.com/6610-1/

reference_url	https://usn.ubuntu.com/6669-1/
reference_id	USN-6669-1
reference_type
scores
url	https://usn.ubuntu.com/6669-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2024-0755

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-25up-n1fr-jkat

url VCID-2nqe-rk2x-qbdk

vulnerability_id VCID-2nqe-rk2x-qbdk

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5725.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5725.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-5725

reference_id

reference_type

scores

value	0.00415
scoring_system	epss
scoring_elements	0.62089
published_at	2026-06-11T12:55:00Z

value	0.00415
scoring_system	epss
scoring_elements	0.62191
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-5725

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5721
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5721

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5724
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5724

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5725
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5725

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5728
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5728

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5730
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5730

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5732
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5732

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2245900
reference_id	2245900
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2245900

reference_url

reference_id

dsa-5535

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:54:27Z/

url

reference_url

reference_id

dsa-5538

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:54:27Z/

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-45

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

reference_id

mfsa2023-45

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-45

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-45/

reference_id

mfsa2023-45

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:54:27Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-45/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-46

reference_id

mfsa2023-46

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-46

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-46/

reference_id

mfsa2023-46

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:54:27Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-46/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-47

reference_id

mfsa2023-47

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-47

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-47/

reference_id

mfsa2023-47

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:54:27Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-47/

reference_url

https://lists.debian.org/debian-lts-announce/2023/10/msg00037.html

reference_id

msg00037.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:54:27Z/

url

https://lists.debian.org/debian-lts-announce/2023/10/msg00037.html

reference_url

https://lists.debian.org/debian-lts-announce/2023/10/msg00042.html

reference_id

msg00042.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:54:27Z/

url

https://lists.debian.org/debian-lts-announce/2023/10/msg00042.html

reference_url	https://access.redhat.com/errata/RHSA-2023:6162
reference_id	RHSA-2023:6162
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6162

reference_url	https://access.redhat.com/errata/RHSA-2023:6185
reference_id	RHSA-2023:6185
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6185

reference_url	https://access.redhat.com/errata/RHSA-2023:6186
reference_id	RHSA-2023:6186
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6186

reference_url	https://access.redhat.com/errata/RHSA-2023:6187
reference_id	RHSA-2023:6187
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6187

reference_url	https://access.redhat.com/errata/RHSA-2023:6188
reference_id	RHSA-2023:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6188

reference_url	https://access.redhat.com/errata/RHSA-2023:6189
reference_id	RHSA-2023:6189
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6189

reference_url	https://access.redhat.com/errata/RHSA-2023:6191
reference_id	RHSA-2023:6191
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6191

reference_url	https://access.redhat.com/errata/RHSA-2023:6194
reference_id	RHSA-2023:6194
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6194

reference_url	https://access.redhat.com/errata/RHSA-2023:6195
reference_id	RHSA-2023:6195
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6195

reference_url	https://access.redhat.com/errata/RHSA-2023:6196
reference_id	RHSA-2023:6196
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6196

reference_url	https://access.redhat.com/errata/RHSA-2023:6197
reference_id	RHSA-2023:6197
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6197

reference_url	https://access.redhat.com/errata/RHSA-2023:6198
reference_id	RHSA-2023:6198
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6198

reference_url	https://access.redhat.com/errata/RHSA-2023:6199
reference_id	RHSA-2023:6199
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6199

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1845739

reference_id

show_bug.cgi?id=1845739

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:54:27Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1845739

reference_url	https://usn.ubuntu.com/6456-1/
reference_id	USN-6456-1
reference_type
scores
url	https://usn.ubuntu.com/6456-1/

reference_url	https://usn.ubuntu.com/6468-1/
reference_id	USN-6468-1
reference_type
scores
url	https://usn.ubuntu.com/6468-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-5725

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2nqe-rk2x-qbdk

url VCID-2sm5-7ark-xfe2

vulnerability_id VCID-2sm5-7ark-xfe2

summary Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6204.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6204.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-6204

reference_id

reference_type

scores

value	0.00338
scoring_system	epss
scoring_elements	0.56958
published_at	2026-06-11T12:55:00Z

value	0.00338
scoring_system	epss
scoring_elements	0.57078
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-6204

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6204
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6204

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6205
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6205

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6206
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6206

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6207
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6207

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6208
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6208

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6209
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6209

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6212
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6212

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2250896
reference_id	2250896
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2250896

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-49

reference_id

mfsa2023-49

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-49

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-50

reference_id

mfsa2023-50

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-50

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-52

reference_id

mfsa2023-52

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-52

reference_url	https://access.redhat.com/errata/RHSA-2023:7499
reference_id	RHSA-2023:7499
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7499

reference_url	https://access.redhat.com/errata/RHSA-2023:7500
reference_id	RHSA-2023:7500
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7500

reference_url	https://access.redhat.com/errata/RHSA-2023:7501
reference_id	RHSA-2023:7501
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7501

reference_url	https://access.redhat.com/errata/RHSA-2023:7502
reference_id	RHSA-2023:7502
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7502

reference_url	https://access.redhat.com/errata/RHSA-2023:7503
reference_id	RHSA-2023:7503
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7503

reference_url	https://access.redhat.com/errata/RHSA-2023:7504
reference_id	RHSA-2023:7504
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7504

reference_url	https://access.redhat.com/errata/RHSA-2023:7505
reference_id	RHSA-2023:7505
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7505

reference_url	https://access.redhat.com/errata/RHSA-2023:7506
reference_id	RHSA-2023:7506
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7506

reference_url	https://access.redhat.com/errata/RHSA-2023:7507
reference_id	RHSA-2023:7507
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7507

reference_url	https://access.redhat.com/errata/RHSA-2023:7508
reference_id	RHSA-2023:7508
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7508

reference_url	https://access.redhat.com/errata/RHSA-2023:7509
reference_id	RHSA-2023:7509
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7509

reference_url	https://access.redhat.com/errata/RHSA-2023:7510
reference_id	RHSA-2023:7510
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7510

reference_url	https://access.redhat.com/errata/RHSA-2023:7511
reference_id	RHSA-2023:7511
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7511

reference_url	https://access.redhat.com/errata/RHSA-2023:7512
reference_id	RHSA-2023:7512
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7512

reference_url	https://access.redhat.com/errata/RHSA-2023:7547
reference_id	RHSA-2023:7547
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7547

reference_url	https://access.redhat.com/errata/RHSA-2023:7569
reference_id	RHSA-2023:7569
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7569

reference_url	https://access.redhat.com/errata/RHSA-2023:7570
reference_id	RHSA-2023:7570
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7570

reference_url	https://access.redhat.com/errata/RHSA-2023:7573
reference_id	RHSA-2023:7573
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7573

reference_url	https://access.redhat.com/errata/RHSA-2023:7574
reference_id	RHSA-2023:7574
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7574

reference_url	https://access.redhat.com/errata/RHSA-2023:7577
reference_id	RHSA-2023:7577
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7577

reference_url	https://usn.ubuntu.com/6509-1/
reference_id	USN-6509-1
reference_type
scores
url	https://usn.ubuntu.com/6509-1/

reference_url	https://usn.ubuntu.com/6515-1/
reference_id	USN-6515-1
reference_type
scores
url	https://usn.ubuntu.com/6515-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-6204

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2sm5-7ark-xfe2

url VCID-3bsf-nmms-wkg9

vulnerability_id VCID-3bsf-nmms-wkg9

summary A website could have obscured the full screen notification by using the file open dialog. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 116, Firefox ESR < 115.2, and Thunderbird < 115.2.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4051.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4051.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-4051

reference_id

reference_type

scores

value	0.00168
scoring_system	epss
scoring_elements	0.37858
published_at	2026-06-12T12:55:00Z

value	0.00168
scoring_system	epss
scoring_elements	0.37681
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-4051

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2236076
reference_id	2236076
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2236076

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-29

reference_id

mfsa2023-29

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-29

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-29/

reference_id

mfsa2023-29

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:40:45Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-29/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_id

mfsa2023-36

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_id

mfsa2023-36

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:40:45Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_id

mfsa2023-38

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_id

mfsa2023-38

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:40:45Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_url	https://access.redhat.com/errata/RHSA-2023:4945
reference_id	RHSA-2023:4945
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4945

reference_url	https://access.redhat.com/errata/RHSA-2023:4946
reference_id	RHSA-2023:4946
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4946

reference_url	https://access.redhat.com/errata/RHSA-2023:4947
reference_id	RHSA-2023:4947
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4947

reference_url	https://access.redhat.com/errata/RHSA-2023:4948
reference_id	RHSA-2023:4948
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4948

reference_url	https://access.redhat.com/errata/RHSA-2023:4949
reference_id	RHSA-2023:4949
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4949

reference_url	https://access.redhat.com/errata/RHSA-2023:4950
reference_id	RHSA-2023:4950
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4950

reference_url	https://access.redhat.com/errata/RHSA-2023:4951
reference_id	RHSA-2023:4951
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4951

reference_url	https://access.redhat.com/errata/RHSA-2023:4952
reference_id	RHSA-2023:4952
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4952

reference_url	https://access.redhat.com/errata/RHSA-2023:4954
reference_id	RHSA-2023:4954
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4954

reference_url	https://access.redhat.com/errata/RHSA-2023:4955
reference_id	RHSA-2023:4955
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4955

reference_url	https://access.redhat.com/errata/RHSA-2023:4956
reference_id	RHSA-2023:4956
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4956

reference_url	https://access.redhat.com/errata/RHSA-2023:4957
reference_id	RHSA-2023:4957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4957

reference_url	https://access.redhat.com/errata/RHSA-2023:4958
reference_id	RHSA-2023:4958
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4958

reference_url	https://access.redhat.com/errata/RHSA-2023:4959
reference_id	RHSA-2023:4959
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4959

reference_url	https://access.redhat.com/errata/RHSA-2023:5019
reference_id	RHSA-2023:5019
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5019

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1821884

reference_id

show_bug.cgi?id=1821884

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:40:45Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1821884

reference_url	https://usn.ubuntu.com/6267-1/
reference_id	USN-6267-1
reference_type
scores
url	https://usn.ubuntu.com/6267-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-4051

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3bsf-nmms-wkg9

url VCID-3h6z-s6mj-mqgf

vulnerability_id VCID-3h6z-s6mj-mqgf

summary Memory safety bugs present in Firefox 115, Firefox ESR 115.0, Firefox ESR 102.13, Thunderbird 115.0, and Thunderbird 102.13. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4056.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4056.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-4056

reference_id

reference_type

scores

value	0.00645
scoring_system	epss
scoring_elements	0.71282
published_at	2026-06-12T12:55:00Z

value	0.00645
scoring_system	epss
scoring_elements	0.71192
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-4056

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4045
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4045

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4046
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4046

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4047
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4047

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4048
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4048

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4049
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4049

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4050
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4050

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4055
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4055

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4056
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4056

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2228370
reference_id	2228370
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2228370

reference_url

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1820587%2C1824634%2C1839235%2C1842325%2C1843847

reference_id

buglist.cgi?bug_id=1820587%2C1824634%2C1839235%2C1842325%2C1843847

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-22T14:25:23Z/

url

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1820587%2C1824634%2C1839235%2C1842325%2C1843847

reference_url

reference_id

dsa-5464

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-22T14:25:23Z/

url

reference_url

reference_id

dsa-5469

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-22T14:25:23Z/

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-29

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

reference_id

mfsa2023-29

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-29

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-29/

reference_id

mfsa2023-29

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-22T14:25:23Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-29/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-30

reference_id

mfsa2023-30

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-30

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-30/

reference_id

mfsa2023-30

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-22T14:25:23Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-30/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-31

reference_id

mfsa2023-31

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-31

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-31/

reference_id

mfsa2023-31

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-22T14:25:23Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-31/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-32

reference_id

mfsa2023-32

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-32

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-33

reference_id

mfsa2023-33

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-33

reference_url

https://lists.debian.org/debian-lts-announce/2023/08/msg00008.html

reference_id

msg00008.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-22T14:25:23Z/

url

https://lists.debian.org/debian-lts-announce/2023/08/msg00008.html

reference_url

https://lists.debian.org/debian-lts-announce/2023/08/msg00010.html

reference_id

msg00010.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-22T14:25:23Z/

url

https://lists.debian.org/debian-lts-announce/2023/08/msg00010.html

reference_url	https://access.redhat.com/errata/RHSA-2023:4460
reference_id	RHSA-2023:4460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4460

reference_url	https://access.redhat.com/errata/RHSA-2023:4461
reference_id	RHSA-2023:4461
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4461

reference_url	https://access.redhat.com/errata/RHSA-2023:4462
reference_id	RHSA-2023:4462
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4462

reference_url	https://access.redhat.com/errata/RHSA-2023:4463
reference_id	RHSA-2023:4463
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4463

reference_url	https://access.redhat.com/errata/RHSA-2023:4464
reference_id	RHSA-2023:4464
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4464

reference_url	https://access.redhat.com/errata/RHSA-2023:4465
reference_id	RHSA-2023:4465
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4465

reference_url	https://access.redhat.com/errata/RHSA-2023:4468
reference_id	RHSA-2023:4468
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4468

reference_url	https://access.redhat.com/errata/RHSA-2023:4469
reference_id	RHSA-2023:4469
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4469

reference_url	https://access.redhat.com/errata/RHSA-2023:4492
reference_id	RHSA-2023:4492
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4492

reference_url	https://access.redhat.com/errata/RHSA-2023:4493
reference_id	RHSA-2023:4493
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4493

reference_url	https://access.redhat.com/errata/RHSA-2023:4494
reference_id	RHSA-2023:4494
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4494

reference_url	https://access.redhat.com/errata/RHSA-2023:4495
reference_id	RHSA-2023:4495
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4495

reference_url	https://access.redhat.com/errata/RHSA-2023:4496
reference_id	RHSA-2023:4496
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4496

reference_url	https://access.redhat.com/errata/RHSA-2023:4497
reference_id	RHSA-2023:4497
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4497

reference_url	https://access.redhat.com/errata/RHSA-2023:4499
reference_id	RHSA-2023:4499
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4499

reference_url	https://access.redhat.com/errata/RHSA-2023:4500
reference_id	RHSA-2023:4500
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4500

reference_url	https://usn.ubuntu.com/6267-1/
reference_id	USN-6267-1
reference_type
scores
url	https://usn.ubuntu.com/6267-1/

reference_url	https://usn.ubuntu.com/6333-1/
reference_id	USN-6333-1
reference_type
scores
url	https://usn.ubuntu.com/6333-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-4056

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3h6z-s6mj-mqgf

url VCID-3y6g-mnyv-zfdh

vulnerability_id VCID-3y6g-mnyv-zfdh

summary Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6207.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6207.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-6207

reference_id

reference_type

scores

value	0.00407
scoring_system	epss
scoring_elements	0.61546
published_at	2026-06-11T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.6165
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-6207

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6204
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6204

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6205
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6205

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6206
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6206

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6207
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6207

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6208
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6208

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6209
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6209

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6212
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6212

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2250899
reference_id	2250899
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2250899

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-49

reference_id

mfsa2023-49

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-49

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-50

reference_id

mfsa2023-50

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-50

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-52

reference_id

mfsa2023-52

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-52

reference_url	https://access.redhat.com/errata/RHSA-2023:7499
reference_id	RHSA-2023:7499
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7499

reference_url	https://access.redhat.com/errata/RHSA-2023:7500
reference_id	RHSA-2023:7500
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7500

reference_url	https://access.redhat.com/errata/RHSA-2023:7501
reference_id	RHSA-2023:7501
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7501

reference_url	https://access.redhat.com/errata/RHSA-2023:7502
reference_id	RHSA-2023:7502
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7502

reference_url	https://access.redhat.com/errata/RHSA-2023:7503
reference_id	RHSA-2023:7503
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7503

reference_url	https://access.redhat.com/errata/RHSA-2023:7504
reference_id	RHSA-2023:7504
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7504

reference_url	https://access.redhat.com/errata/RHSA-2023:7505
reference_id	RHSA-2023:7505
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7505

reference_url	https://access.redhat.com/errata/RHSA-2023:7506
reference_id	RHSA-2023:7506
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7506

reference_url	https://access.redhat.com/errata/RHSA-2023:7507
reference_id	RHSA-2023:7507
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7507

reference_url	https://access.redhat.com/errata/RHSA-2023:7508
reference_id	RHSA-2023:7508
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7508

reference_url	https://access.redhat.com/errata/RHSA-2023:7509
reference_id	RHSA-2023:7509
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7509

reference_url	https://access.redhat.com/errata/RHSA-2023:7510
reference_id	RHSA-2023:7510
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7510

reference_url	https://access.redhat.com/errata/RHSA-2023:7511
reference_id	RHSA-2023:7511
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7511

reference_url	https://access.redhat.com/errata/RHSA-2023:7512
reference_id	RHSA-2023:7512
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7512

reference_url	https://access.redhat.com/errata/RHSA-2023:7547
reference_id	RHSA-2023:7547
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7547

reference_url	https://access.redhat.com/errata/RHSA-2023:7569
reference_id	RHSA-2023:7569
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7569

reference_url	https://access.redhat.com/errata/RHSA-2023:7570
reference_id	RHSA-2023:7570
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7570

reference_url	https://access.redhat.com/errata/RHSA-2023:7573
reference_id	RHSA-2023:7573
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7573

reference_url	https://access.redhat.com/errata/RHSA-2023:7574
reference_id	RHSA-2023:7574
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7574

reference_url	https://access.redhat.com/errata/RHSA-2023:7577
reference_id	RHSA-2023:7577
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7577

reference_url	https://usn.ubuntu.com/6509-1/
reference_id	USN-6509-1
reference_type
scores
url	https://usn.ubuntu.com/6509-1/

reference_url	https://usn.ubuntu.com/6515-1/
reference_id	USN-6515-1
reference_type
scores
url	https://usn.ubuntu.com/6515-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-6207

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3y6g-mnyv-zfdh

url VCID-4ntn-7zea-pqc6

vulnerability_id VCID-4ntn-7zea-pqc6

summary Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4580.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4580.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-4580

reference_id

reference_type

scores

value	0.00069
scoring_system	epss
scoring_elements	0.21522
published_at	2026-06-12T12:55:00Z

value	0.00069
scoring_system	epss
scoring_elements	0.21338
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-4580

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2236079
reference_id	2236079
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2236079

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-34

reference_id

mfsa2023-34

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-34

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-34/

reference_id

mfsa2023-34

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:01:48Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-34/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_id

mfsa2023-36

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_id

mfsa2023-36

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:01:48Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_id

mfsa2023-38

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_id

mfsa2023-38

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:01:48Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_url	https://access.redhat.com/errata/RHSA-2023:4945
reference_id	RHSA-2023:4945
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4945

reference_url	https://access.redhat.com/errata/RHSA-2023:4946
reference_id	RHSA-2023:4946
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4946

reference_url	https://access.redhat.com/errata/RHSA-2023:4947
reference_id	RHSA-2023:4947
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4947

reference_url	https://access.redhat.com/errata/RHSA-2023:4948
reference_id	RHSA-2023:4948
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4948

reference_url	https://access.redhat.com/errata/RHSA-2023:4949
reference_id	RHSA-2023:4949
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4949

reference_url	https://access.redhat.com/errata/RHSA-2023:4950
reference_id	RHSA-2023:4950
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4950

reference_url	https://access.redhat.com/errata/RHSA-2023:4951
reference_id	RHSA-2023:4951
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4951

reference_url	https://access.redhat.com/errata/RHSA-2023:4952
reference_id	RHSA-2023:4952
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4952

reference_url	https://access.redhat.com/errata/RHSA-2023:4954
reference_id	RHSA-2023:4954
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4954

reference_url	https://access.redhat.com/errata/RHSA-2023:4955
reference_id	RHSA-2023:4955
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4955

reference_url	https://access.redhat.com/errata/RHSA-2023:4956
reference_id	RHSA-2023:4956
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4956

reference_url	https://access.redhat.com/errata/RHSA-2023:4957
reference_id	RHSA-2023:4957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4957

reference_url	https://access.redhat.com/errata/RHSA-2023:4958
reference_id	RHSA-2023:4958
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4958

reference_url	https://access.redhat.com/errata/RHSA-2023:4959
reference_id	RHSA-2023:4959
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4959

reference_url	https://access.redhat.com/errata/RHSA-2023:5019
reference_id	RHSA-2023:5019
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5019

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1843046

reference_id

show_bug.cgi?id=1843046

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:01:48Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1843046

reference_url	https://usn.ubuntu.com/6320-1/
reference_id	USN-6320-1
reference_type
scores
url	https://usn.ubuntu.com/6320-1/

reference_url	https://usn.ubuntu.com/6405-1/
reference_id	USN-6405-1
reference_type
scores
url	https://usn.ubuntu.com/6405-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-4580

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4ntn-7zea-pqc6

url VCID-4sud-wrqj-53hz

vulnerability_id VCID-4sud-wrqj-53hz

summary Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6857.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6857.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-6857

reference_id

reference_type

scores

value	0.00227
scoring_system	epss
scoring_elements	0.45648
published_at	2026-06-11T12:55:00Z

value	0.00227
scoring_system	epss
scoring_elements	0.45795
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-6857

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50761
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50761

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50762
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50762

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6856
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6856

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6857
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6857

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6858
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6858

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6859
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6859

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6860
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6860

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6861
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6861

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6862
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6862

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6863
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6863

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6864
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6864

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6865
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6865

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6867
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6867

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6873
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6873

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2255362
reference_id	2255362
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2255362

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-54

reference_id

mfsa2023-54

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-54

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-55

reference_id

mfsa2023-55

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-55

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-56

reference_id

mfsa2023-56

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-56

reference_url	https://access.redhat.com/errata/RHSA-2024:0001
reference_id	RHSA-2024:0001
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0001

reference_url	https://access.redhat.com/errata/RHSA-2024:0002
reference_id	RHSA-2024:0002
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0002

reference_url	https://access.redhat.com/errata/RHSA-2024:0003
reference_id	RHSA-2024:0003
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0003

reference_url	https://access.redhat.com/errata/RHSA-2024:0004
reference_id	RHSA-2024:0004
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0004

reference_url	https://access.redhat.com/errata/RHSA-2024:0005
reference_id	RHSA-2024:0005
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0005

reference_url	https://access.redhat.com/errata/RHSA-2024:0011
reference_id	RHSA-2024:0011
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0011

reference_url	https://access.redhat.com/errata/RHSA-2024:0012
reference_id	RHSA-2024:0012
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0012

reference_url	https://access.redhat.com/errata/RHSA-2024:0019
reference_id	RHSA-2024:0019
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0019

reference_url	https://access.redhat.com/errata/RHSA-2024:0021
reference_id	RHSA-2024:0021
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0021

reference_url	https://access.redhat.com/errata/RHSA-2024:0022
reference_id	RHSA-2024:0022
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0022

reference_url	https://access.redhat.com/errata/RHSA-2024:0023
reference_id	RHSA-2024:0023
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0023

reference_url	https://access.redhat.com/errata/RHSA-2024:0024
reference_id	RHSA-2024:0024
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0024

reference_url	https://access.redhat.com/errata/RHSA-2024:0025
reference_id	RHSA-2024:0025
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0025

reference_url	https://access.redhat.com/errata/RHSA-2024:0026
reference_id	RHSA-2024:0026
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0026

reference_url	https://access.redhat.com/errata/RHSA-2024:0027
reference_id	RHSA-2024:0027
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0027

reference_url	https://access.redhat.com/errata/RHSA-2024:0028
reference_id	RHSA-2024:0028
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0028

reference_url	https://access.redhat.com/errata/RHSA-2024:0029
reference_id	RHSA-2024:0029
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0029

reference_url	https://access.redhat.com/errata/RHSA-2024:0030
reference_id	RHSA-2024:0030
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0030

reference_url	https://usn.ubuntu.com/6562-1/
reference_id	USN-6562-1
reference_type
scores
url	https://usn.ubuntu.com/6562-1/

reference_url	https://usn.ubuntu.com/6563-1/
reference_id	USN-6563-1
reference_type
scores
url	https://usn.ubuntu.com/6563-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-6857

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4sud-wrqj-53hz

url VCID-5861-z27w-2kch

vulnerability_id VCID-5861-z27w-2kch

summary A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4047.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4047.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-4047

reference_id

reference_type

scores

value	0.00621
scoring_system	epss
scoring_elements	0.70645
published_at	2026-06-12T12:55:00Z

value	0.00621
scoring_system	epss
scoring_elements	0.70555
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-4047

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4045
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4045

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4046
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4046

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4047
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4047

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4048
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4048

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4049
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4049

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4050
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4050

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4055
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4055

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4056
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4056

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2228362
reference_id	2228362
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2228362

reference_url

reference_id

dsa-5464

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T15:16:57Z/

url

reference_url

reference_id

dsa-5469

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T15:16:57Z/

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-29

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

reference_id

mfsa2023-29

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-29

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-29/

reference_id

mfsa2023-29

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T15:16:57Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-29/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-30

reference_id

mfsa2023-30

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-30

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-30/

reference_id

mfsa2023-30

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T15:16:57Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-30/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-31

reference_id

mfsa2023-31

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-31

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-31/

reference_id

mfsa2023-31

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T15:16:57Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-31/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-32

reference_id

mfsa2023-32

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-32

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-33

reference_id

mfsa2023-33

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-33

reference_url

https://lists.debian.org/debian-lts-announce/2023/08/msg00008.html

reference_id

msg00008.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T15:16:57Z/

url

https://lists.debian.org/debian-lts-announce/2023/08/msg00008.html

reference_url

https://lists.debian.org/debian-lts-announce/2023/08/msg00010.html

reference_id

msg00010.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T15:16:57Z/

url

https://lists.debian.org/debian-lts-announce/2023/08/msg00010.html

reference_url	https://access.redhat.com/errata/RHSA-2023:4460
reference_id	RHSA-2023:4460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4460

reference_url	https://access.redhat.com/errata/RHSA-2023:4461
reference_id	RHSA-2023:4461
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4461

reference_url	https://access.redhat.com/errata/RHSA-2023:4462
reference_id	RHSA-2023:4462
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4462

reference_url	https://access.redhat.com/errata/RHSA-2023:4463
reference_id	RHSA-2023:4463
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4463

reference_url	https://access.redhat.com/errata/RHSA-2023:4464
reference_id	RHSA-2023:4464
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4464

reference_url	https://access.redhat.com/errata/RHSA-2023:4465
reference_id	RHSA-2023:4465
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4465

reference_url	https://access.redhat.com/errata/RHSA-2023:4468
reference_id	RHSA-2023:4468
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4468

reference_url	https://access.redhat.com/errata/RHSA-2023:4469
reference_id	RHSA-2023:4469
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4469

reference_url	https://access.redhat.com/errata/RHSA-2023:4492
reference_id	RHSA-2023:4492
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4492

reference_url	https://access.redhat.com/errata/RHSA-2023:4493
reference_id	RHSA-2023:4493
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4493

reference_url	https://access.redhat.com/errata/RHSA-2023:4494
reference_id	RHSA-2023:4494
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4494

reference_url	https://access.redhat.com/errata/RHSA-2023:4495
reference_id	RHSA-2023:4495
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4495

reference_url	https://access.redhat.com/errata/RHSA-2023:4496
reference_id	RHSA-2023:4496
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4496

reference_url	https://access.redhat.com/errata/RHSA-2023:4497
reference_id	RHSA-2023:4497
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4497

reference_url	https://access.redhat.com/errata/RHSA-2023:4499
reference_id	RHSA-2023:4499
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4499

reference_url	https://access.redhat.com/errata/RHSA-2023:4500
reference_id	RHSA-2023:4500
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4500

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1839073

reference_id

show_bug.cgi?id=1839073

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-22T15:16:57Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1839073

reference_url	https://usn.ubuntu.com/6267-1/
reference_id	USN-6267-1
reference_type
scores
url	https://usn.ubuntu.com/6267-1/

reference_url	https://usn.ubuntu.com/6333-1/
reference_id	USN-6333-1
reference_type
scores
url	https://usn.ubuntu.com/6333-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-4047

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5861-z27w-2kch

url VCID-5ghd-qsy2-33c7

vulnerability_id VCID-5ghd-qsy2-33c7

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3600.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3600.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-3600

reference_id

reference_type

scores

value	0.0019
scoring_system	epss
scoring_elements	0.40883
published_at	2026-06-12T12:55:00Z

value	0.0019
scoring_system	epss
scoring_elements	0.40716
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-3600

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2222652
reference_id	2222652
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2222652

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-26

reference_id

mfsa2023-26

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-26

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-26/

reference_id

mfsa2023-26

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-07T16:47:10Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-26/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-27

reference_id

mfsa2023-27

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-27

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-27/

reference_id

mfsa2023-27

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-07T16:47:10Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-27/

reference_url	https://access.redhat.com/errata/RHSA-2023:5426
reference_id	RHSA-2023:5426
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5426

reference_url	https://access.redhat.com/errata/RHSA-2023:5427
reference_id	RHSA-2023:5427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5427

reference_url	https://access.redhat.com/errata/RHSA-2023:5428
reference_id	RHSA-2023:5428
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5428

reference_url	https://access.redhat.com/errata/RHSA-2023:5429
reference_id	RHSA-2023:5429
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5429

reference_url	https://access.redhat.com/errata/RHSA-2023:5430
reference_id	RHSA-2023:5430
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5430

reference_url	https://access.redhat.com/errata/RHSA-2023:5432
reference_id	RHSA-2023:5432
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5432

reference_url	https://access.redhat.com/errata/RHSA-2023:5433
reference_id	RHSA-2023:5433
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5433

reference_url	https://access.redhat.com/errata/RHSA-2023:5434
reference_id	RHSA-2023:5434
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5434

reference_url	https://access.redhat.com/errata/RHSA-2023:5435
reference_id	RHSA-2023:5435
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5435

reference_url	https://access.redhat.com/errata/RHSA-2023:5436
reference_id	RHSA-2023:5436
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5436

reference_url	https://access.redhat.com/errata/RHSA-2023:5437
reference_id	RHSA-2023:5437
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5437

reference_url	https://access.redhat.com/errata/RHSA-2023:5438
reference_id	RHSA-2023:5438
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5438

reference_url	https://access.redhat.com/errata/RHSA-2023:5439
reference_id	RHSA-2023:5439
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5439

reference_url	https://access.redhat.com/errata/RHSA-2023:5440
reference_id	RHSA-2023:5440
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5440

reference_url	https://access.redhat.com/errata/RHSA-2023:5475
reference_id	RHSA-2023:5475
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5475

reference_url	https://access.redhat.com/errata/RHSA-2023:5477
reference_id	RHSA-2023:5477
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5477

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1839703

reference_id

show_bug.cgi?id=1839703

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-07T16:47:10Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1839703

reference_url	https://usn.ubuntu.com/6218-1/
reference_id	USN-6218-1
reference_type
scores
url	https://usn.ubuntu.com/6218-1/

reference_url	https://usn.ubuntu.com/6405-1/
reference_id	USN-6405-1
reference_type
scores
url	https://usn.ubuntu.com/6405-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-3600

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5ghd-qsy2-33c7

url VCID-6dxq-ky4z-ubdj

vulnerability_id VCID-6dxq-ky4z-ubdj

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5724.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5724.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-5724

reference_id

reference_type

scores

value	0.00831
scoring_system	epss
scoring_elements	0.75073
published_at	2026-06-12T12:55:00Z

value	0.00831
scoring_system	epss
scoring_elements	0.75003
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-5724

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5721
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5721

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5724
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5724

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5725
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5725

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5728
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5728

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5730
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5730

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5732
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5732

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2245899
reference_id	2245899
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2245899

reference_url

reference_id

dsa-5535

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:56:11Z/

url

reference_url

reference_id

dsa-5538

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:56:11Z/

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-45

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

reference_id

mfsa2023-45

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-45

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-45/

reference_id

mfsa2023-45

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:56:11Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-45/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-46

reference_id

mfsa2023-46

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-46

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-46/

reference_id

mfsa2023-46

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:56:11Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-46/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-47

reference_id

mfsa2023-47

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-47

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-47/

reference_id

mfsa2023-47

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:56:11Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-47/

reference_url

https://lists.debian.org/debian-lts-announce/2023/10/msg00037.html

reference_id

msg00037.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:56:11Z/

url

https://lists.debian.org/debian-lts-announce/2023/10/msg00037.html

reference_url

https://lists.debian.org/debian-lts-announce/2023/10/msg00042.html

reference_id

msg00042.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:56:11Z/

url

https://lists.debian.org/debian-lts-announce/2023/10/msg00042.html

reference_url	https://access.redhat.com/errata/RHSA-2023:6162
reference_id	RHSA-2023:6162
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6162

reference_url	https://access.redhat.com/errata/RHSA-2023:6185
reference_id	RHSA-2023:6185
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6185

reference_url	https://access.redhat.com/errata/RHSA-2023:6186
reference_id	RHSA-2023:6186
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6186

reference_url	https://access.redhat.com/errata/RHSA-2023:6187
reference_id	RHSA-2023:6187
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6187

reference_url	https://access.redhat.com/errata/RHSA-2023:6188
reference_id	RHSA-2023:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6188

reference_url	https://access.redhat.com/errata/RHSA-2023:6189
reference_id	RHSA-2023:6189
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6189

reference_url	https://access.redhat.com/errata/RHSA-2023:6191
reference_id	RHSA-2023:6191
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6191

reference_url	https://access.redhat.com/errata/RHSA-2023:6194
reference_id	RHSA-2023:6194
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6194

reference_url	https://access.redhat.com/errata/RHSA-2023:6195
reference_id	RHSA-2023:6195
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6195

reference_url	https://access.redhat.com/errata/RHSA-2023:6196
reference_id	RHSA-2023:6196
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6196

reference_url	https://access.redhat.com/errata/RHSA-2023:6197
reference_id	RHSA-2023:6197
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6197

reference_url	https://access.redhat.com/errata/RHSA-2023:6198
reference_id	RHSA-2023:6198
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6198

reference_url	https://access.redhat.com/errata/RHSA-2023:6199
reference_id	RHSA-2023:6199
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6199

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1836705

reference_id

show_bug.cgi?id=1836705

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:56:11Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1836705

reference_url	https://usn.ubuntu.com/6456-1/
reference_id	USN-6456-1
reference_type
scores
url	https://usn.ubuntu.com/6456-1/

reference_url	https://usn.ubuntu.com/6468-1/
reference_id	USN-6468-1
reference_type
scores
url	https://usn.ubuntu.com/6468-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-5724

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6dxq-ky4z-ubdj

url VCID-6j39-ntkk-cuax

vulnerability_id VCID-6j39-ntkk-cuax

summary It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an incorrect timestamp used to prevent input after page load. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0742.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0742.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-0742

reference_id

reference_type

scores

value	0.01842
scoring_system	epss
scoring_elements	0.83375
published_at	2026-06-11T12:55:00Z

value	0.01842
scoring_system	epss
scoring_elements	0.83436
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-0742

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0741
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0741

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0742
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0742

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0746
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0746

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0747
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0747

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0749
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0749

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0750
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0750

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0751
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0751

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0753
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0753

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0755
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0755

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2259927
reference_id	2259927
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2259927

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url	https://security.gentoo.org/glsa/202402-26
reference_id	GLSA-202402-26
reference_type
scores
url	https://security.gentoo.org/glsa/202402-26

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-01

reference_id

mfsa2024-01

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-01

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-01/

reference_id

mfsa2024-01

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:35:26Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-01/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-02

reference_id

mfsa2024-02

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-02

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-02/

reference_id

mfsa2024-02

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:35:26Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-02/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-04

reference_id

mfsa2024-04

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-04

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-04/

reference_id

mfsa2024-04

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:35:26Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-04/

reference_url

https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html

reference_id

msg00015.html

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:35:26Z/

url

https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html

reference_id

msg00022.html

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:35:26Z/

url

https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html

reference_url	https://access.redhat.com/errata/RHSA-2024:0559
reference_id	RHSA-2024:0559
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0559

reference_url	https://access.redhat.com/errata/RHSA-2024:0565
reference_id	RHSA-2024:0565
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0565

reference_url	https://access.redhat.com/errata/RHSA-2024:0596
reference_id	RHSA-2024:0596
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0596

reference_url	https://access.redhat.com/errata/RHSA-2024:0598
reference_id	RHSA-2024:0598
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0598

reference_url	https://access.redhat.com/errata/RHSA-2024:0600
reference_id	RHSA-2024:0600
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0600

reference_url	https://access.redhat.com/errata/RHSA-2024:0601
reference_id	RHSA-2024:0601
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0601

reference_url	https://access.redhat.com/errata/RHSA-2024:0602
reference_id	RHSA-2024:0602
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0602

reference_url	https://access.redhat.com/errata/RHSA-2024:0603
reference_id	RHSA-2024:0603
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0603

reference_url	https://access.redhat.com/errata/RHSA-2024:0604
reference_id	RHSA-2024:0604
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0604

reference_url	https://access.redhat.com/errata/RHSA-2024:0605
reference_id	RHSA-2024:0605
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0605

reference_url	https://access.redhat.com/errata/RHSA-2024:0608
reference_id	RHSA-2024:0608
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0608

reference_url	https://access.redhat.com/errata/RHSA-2024:0609
reference_id	RHSA-2024:0609
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0609

reference_url	https://access.redhat.com/errata/RHSA-2024:0615
reference_id	RHSA-2024:0615
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0615

reference_url	https://access.redhat.com/errata/RHSA-2024:0616
reference_id	RHSA-2024:0616
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0616

reference_url	https://access.redhat.com/errata/RHSA-2024:0618
reference_id	RHSA-2024:0618
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0618

reference_url	https://access.redhat.com/errata/RHSA-2024:0619
reference_id	RHSA-2024:0619
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0619

reference_url	https://access.redhat.com/errata/RHSA-2024:0622
reference_id	RHSA-2024:0622
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0622

reference_url	https://access.redhat.com/errata/RHSA-2024:0623
reference_id	RHSA-2024:0623
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0623

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1867152

reference_id

show_bug.cgi?id=1867152

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:35:26Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1867152

reference_url	https://usn.ubuntu.com/6610-1/
reference_id	USN-6610-1
reference_type
scores
url	https://usn.ubuntu.com/6610-1/

reference_url	https://usn.ubuntu.com/6669-1/
reference_id	USN-6669-1
reference_type
scores
url	https://usn.ubuntu.com/6669-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2024-0742

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6j39-ntkk-cuax

url VCID-7s91-4488-bfas

vulnerability_id VCID-7s91-4488-bfas

summary Firefox was susceptible to a heap buffer overflow in `nsTextFragment` due to insufficient OOM handling. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6858.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6858.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-6858

reference_id

reference_type

scores

value	0.00417
scoring_system	epss
scoring_elements	0.62176
published_at	2026-06-11T12:55:00Z

value	0.00417
scoring_system	epss
scoring_elements	0.62278
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-6858

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50761
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50761

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50762
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50762

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6856
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6856

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6857
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6857

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6858
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6858

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6859
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6859

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6860
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6860

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6861
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6861

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6862
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6862

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6863
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6863

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6864
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6864

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6865
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6865

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6867
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6867

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6873
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6873

reference_url

reference_id

202401-10

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T20:24:54Z/

url

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2255363
reference_id	2255363
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2255363

reference_url

reference_id

dsa-5581

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T20:24:54Z/

url

reference_url

reference_id

dsa-5582

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T20:24:54Z/

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-54

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

reference_id

mfsa2023-54

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-54

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-54/

reference_id

mfsa2023-54

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T20:24:54Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-54/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-55

reference_id

mfsa2023-55

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-55

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-55/

reference_id

mfsa2023-55

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T20:24:54Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-55/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-56

reference_id

mfsa2023-56

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-56

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-56/

reference_id

mfsa2023-56

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T20:24:54Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-56/

reference_url

https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html

reference_id

msg00020.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T20:24:54Z/

url

https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html

reference_url

https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html

reference_id

msg00021.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T20:24:54Z/

url

https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html

reference_url	https://access.redhat.com/errata/RHSA-2024:0001
reference_id	RHSA-2024:0001
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0001

reference_url	https://access.redhat.com/errata/RHSA-2024:0002
reference_id	RHSA-2024:0002
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0002

reference_url	https://access.redhat.com/errata/RHSA-2024:0003
reference_id	RHSA-2024:0003
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0003

reference_url	https://access.redhat.com/errata/RHSA-2024:0004
reference_id	RHSA-2024:0004
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0004

reference_url	https://access.redhat.com/errata/RHSA-2024:0005
reference_id	RHSA-2024:0005
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0005

reference_url	https://access.redhat.com/errata/RHSA-2024:0011
reference_id	RHSA-2024:0011
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0011

reference_url	https://access.redhat.com/errata/RHSA-2024:0012
reference_id	RHSA-2024:0012
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0012

reference_url	https://access.redhat.com/errata/RHSA-2024:0019
reference_id	RHSA-2024:0019
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0019

reference_url	https://access.redhat.com/errata/RHSA-2024:0021
reference_id	RHSA-2024:0021
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0021

reference_url	https://access.redhat.com/errata/RHSA-2024:0022
reference_id	RHSA-2024:0022
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0022

reference_url	https://access.redhat.com/errata/RHSA-2024:0023
reference_id	RHSA-2024:0023
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0023

reference_url	https://access.redhat.com/errata/RHSA-2024:0024
reference_id	RHSA-2024:0024
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0024

reference_url	https://access.redhat.com/errata/RHSA-2024:0025
reference_id	RHSA-2024:0025
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0025

reference_url	https://access.redhat.com/errata/RHSA-2024:0026
reference_id	RHSA-2024:0026
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0026

reference_url	https://access.redhat.com/errata/RHSA-2024:0027
reference_id	RHSA-2024:0027
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0027

reference_url	https://access.redhat.com/errata/RHSA-2024:0028
reference_id	RHSA-2024:0028
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0028

reference_url	https://access.redhat.com/errata/RHSA-2024:0029
reference_id	RHSA-2024:0029
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0029

reference_url	https://access.redhat.com/errata/RHSA-2024:0030
reference_id	RHSA-2024:0030
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0030

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1826791

reference_id

show_bug.cgi?id=1826791

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T20:24:54Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1826791

reference_url	https://usn.ubuntu.com/6562-1/
reference_id	USN-6562-1
reference_type
scores
url	https://usn.ubuntu.com/6562-1/

reference_url	https://usn.ubuntu.com/6563-1/
reference_id	USN-6563-1
reference_type
scores
url	https://usn.ubuntu.com/6563-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-6858

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7s91-4488-bfas

url VCID-7x1b-vgws-myeu

vulnerability_id VCID-7x1b-vgws-myeu

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5721.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5721.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-5721

reference_id

reference_type

scores

value	0.00309
scoring_system	epss
scoring_elements	0.54449
published_at	2026-06-11T12:55:00Z

value	0.00309
scoring_system	epss
scoring_elements	0.54574
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-5721

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5721
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5721

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5724
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5724

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5725
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5725

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5728
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5728

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5730
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5730

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5732
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5732

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2245896
reference_id	2245896
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2245896

reference_url

reference_id

dsa-5535

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:57:20Z/

url

reference_url

reference_id

dsa-5538

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:57:20Z/

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-45

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

reference_id

mfsa2023-45

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-45

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-45/

reference_id

mfsa2023-45

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:57:20Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-45/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-46

reference_id

mfsa2023-46

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-46

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-46/

reference_id

mfsa2023-46

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:57:20Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-46/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-47

reference_id

mfsa2023-47

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-47

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-47/

reference_id

mfsa2023-47

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:57:20Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-47/

reference_url

https://lists.debian.org/debian-lts-announce/2023/10/msg00037.html

reference_id

msg00037.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:57:20Z/

url

https://lists.debian.org/debian-lts-announce/2023/10/msg00037.html

reference_url

https://lists.debian.org/debian-lts-announce/2023/10/msg00042.html

reference_id

msg00042.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:57:20Z/

url

https://lists.debian.org/debian-lts-announce/2023/10/msg00042.html

reference_url	https://access.redhat.com/errata/RHSA-2023:6162
reference_id	RHSA-2023:6162
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6162

reference_url	https://access.redhat.com/errata/RHSA-2023:6185
reference_id	RHSA-2023:6185
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6185

reference_url	https://access.redhat.com/errata/RHSA-2023:6186
reference_id	RHSA-2023:6186
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6186

reference_url	https://access.redhat.com/errata/RHSA-2023:6187
reference_id	RHSA-2023:6187
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6187

reference_url	https://access.redhat.com/errata/RHSA-2023:6188
reference_id	RHSA-2023:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6188

reference_url	https://access.redhat.com/errata/RHSA-2023:6189
reference_id	RHSA-2023:6189
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6189

reference_url	https://access.redhat.com/errata/RHSA-2023:6191
reference_id	RHSA-2023:6191
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6191

reference_url	https://access.redhat.com/errata/RHSA-2023:6194
reference_id	RHSA-2023:6194
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6194

reference_url	https://access.redhat.com/errata/RHSA-2023:6195
reference_id	RHSA-2023:6195
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6195

reference_url	https://access.redhat.com/errata/RHSA-2023:6196
reference_id	RHSA-2023:6196
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6196

reference_url	https://access.redhat.com/errata/RHSA-2023:6197
reference_id	RHSA-2023:6197
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6197

reference_url	https://access.redhat.com/errata/RHSA-2023:6198
reference_id	RHSA-2023:6198
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6198

reference_url	https://access.redhat.com/errata/RHSA-2023:6199
reference_id	RHSA-2023:6199
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6199

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1830820

reference_id

show_bug.cgi?id=1830820

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:57:20Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1830820

reference_url	https://usn.ubuntu.com/6456-1/
reference_id	USN-6456-1
reference_type
scores
url	https://usn.ubuntu.com/6456-1/

reference_url	https://usn.ubuntu.com/6468-1/
reference_id	USN-6468-1
reference_type
scores
url	https://usn.ubuntu.com/6468-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-5721

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7x1b-vgws-myeu

url VCID-824p-a2wh-h7b9

vulnerability_id VCID-824p-a2wh-h7b9

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5727.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5727.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-5727

reference_id

reference_type

scores

value	0.00212
scoring_system	epss
scoring_elements	0.43983
published_at	2026-06-12T12:55:00Z

value	0.00212
scoring_system	epss
scoring_elements	0.43828
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-5727

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2245902
reference_id	2245902
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2245902

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-45

reference_id

mfsa2023-45

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-45

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-45/

reference_id

mfsa2023-45

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:47:05Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-45/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-46

reference_id

mfsa2023-46

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-46

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-46/

reference_id

mfsa2023-46

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:47:05Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-46/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-47

reference_id

mfsa2023-47

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-47

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-47/

reference_id

mfsa2023-47

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:47:05Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-47/

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1847180

reference_id

show_bug.cgi?id=1847180

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:47:05Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1847180

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-5727

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-824p-a2wh-h7b9

url VCID-8af6-ye5f-4ua5

vulnerability_id VCID-8af6-ye5f-4ua5

summary Excel `.xll` add-in files did not have a blocklist entry in Firefox's executable blocklist which allowed them to be downloaded without any warning of their potential harm. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4581.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4581.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-4581

reference_id

reference_type

scores

value	0.0016
scoring_system	epss
scoring_elements	0.36884
published_at	2026-06-12T12:55:00Z

value	0.0016
scoring_system	epss
scoring_elements	0.36705
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-4581

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4573
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4573

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4574
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4574

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4575
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4575

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4581
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4581

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4584
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4584

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2236080
reference_id	2236080
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2236080

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-34

reference_id

mfsa2023-34

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-34

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-34/

reference_id

mfsa2023-34

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T16:02:47Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-34/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-35

reference_id

mfsa2023-35

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-35

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-35/

reference_id

mfsa2023-35

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T16:02:47Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-35/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_id

mfsa2023-36

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_id

mfsa2023-36

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T16:02:47Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-37

reference_id

mfsa2023-37

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-37

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-37/

reference_id

mfsa2023-37

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T16:02:47Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-37/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_id

mfsa2023-38

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_id

mfsa2023-38

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T16:02:47Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_url	https://access.redhat.com/errata/RHSA-2023:4945
reference_id	RHSA-2023:4945
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4945

reference_url	https://access.redhat.com/errata/RHSA-2023:4946
reference_id	RHSA-2023:4946
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4946

reference_url	https://access.redhat.com/errata/RHSA-2023:4947
reference_id	RHSA-2023:4947
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4947

reference_url	https://access.redhat.com/errata/RHSA-2023:4948
reference_id	RHSA-2023:4948
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4948

reference_url	https://access.redhat.com/errata/RHSA-2023:4949
reference_id	RHSA-2023:4949
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4949

reference_url	https://access.redhat.com/errata/RHSA-2023:4950
reference_id	RHSA-2023:4950
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4950

reference_url	https://access.redhat.com/errata/RHSA-2023:4951
reference_id	RHSA-2023:4951
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4951

reference_url	https://access.redhat.com/errata/RHSA-2023:4952
reference_id	RHSA-2023:4952
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4952

reference_url	https://access.redhat.com/errata/RHSA-2023:4954
reference_id	RHSA-2023:4954
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4954

reference_url	https://access.redhat.com/errata/RHSA-2023:4955
reference_id	RHSA-2023:4955
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4955

reference_url	https://access.redhat.com/errata/RHSA-2023:4956
reference_id	RHSA-2023:4956
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4956

reference_url	https://access.redhat.com/errata/RHSA-2023:4957
reference_id	RHSA-2023:4957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4957

reference_url	https://access.redhat.com/errata/RHSA-2023:4958
reference_id	RHSA-2023:4958
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4958

reference_url	https://access.redhat.com/errata/RHSA-2023:4959
reference_id	RHSA-2023:4959
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4959

reference_url	https://access.redhat.com/errata/RHSA-2023:5019
reference_id	RHSA-2023:5019
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5019

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1843758

reference_id

show_bug.cgi?id=1843758

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T16:02:47Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1843758

reference_url	https://usn.ubuntu.com/6320-1/
reference_id	USN-6320-1
reference_type
scores
url	https://usn.ubuntu.com/6320-1/

reference_url	https://usn.ubuntu.com/6368-1/
reference_id	USN-6368-1
reference_type
scores
url	https://usn.ubuntu.com/6368-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-4581

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8af6-ye5f-4ua5

url VCID-8f5p-vpt4-yyb5

vulnerability_id VCID-8f5p-vpt4-yyb5

summary

Due to large allocation checks in Angle for glsl shaders being too lenient a buffer overflow could have occured when allocating too much private shader memory on mac OS. 
*This bug only affects Firefox on macOS. Other operating systems are unaffected.* This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4582.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4582.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-4582

reference_id

reference_type

scores

value	0.00657
scoring_system	epss
scoring_elements	0.71503
published_at	2026-06-11T12:55:00Z

value	0.00657
scoring_system	epss
scoring_elements	0.71589
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-4582

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2236081
reference_id	2236081
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2236081

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-34

reference_id

mfsa2023-34

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-34

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-34/

reference_id

mfsa2023-34

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T20:00:26Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-34/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_id

mfsa2023-36

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_id

mfsa2023-36

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T20:00:26Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_id

mfsa2023-38

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_id

mfsa2023-38

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T20:00:26Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1773874

reference_id

show_bug.cgi?id=1773874

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T20:00:26Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1773874

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-4582

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8f5p-vpt4-yyb5

url VCID-91m7-6fjz-r3g3

vulnerability_id VCID-91m7-6fjz-r3g3

summary When creating a callback over IPC for showing the Color Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4574.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4574.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-4574

reference_id

reference_type

scores

value	0.00137
scoring_system	epss
scoring_elements	0.33618
published_at	2026-06-12T12:55:00Z

value	0.00137
scoring_system	epss
scoring_elements	0.33437
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-4574

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4573
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4573

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4574
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4574

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4575
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4575

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4581
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4581

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4584
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4584

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2236072
reference_id	2236072
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2236072

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-34

reference_id

mfsa2023-34

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-34

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-34/

reference_id

mfsa2023-34

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:07:09Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-34/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-35

reference_id

mfsa2023-35

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-35

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-35/

reference_id

mfsa2023-35

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:07:09Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-35/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_id

mfsa2023-36

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_id

mfsa2023-36

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:07:09Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-37

reference_id

mfsa2023-37

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-37

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-37/

reference_id

mfsa2023-37

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:07:09Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-37/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_id

mfsa2023-38

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_id

mfsa2023-38

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:07:09Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_url	https://access.redhat.com/errata/RHSA-2023:4945
reference_id	RHSA-2023:4945
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4945

reference_url	https://access.redhat.com/errata/RHSA-2023:4946
reference_id	RHSA-2023:4946
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4946

reference_url	https://access.redhat.com/errata/RHSA-2023:4947
reference_id	RHSA-2023:4947
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4947

reference_url	https://access.redhat.com/errata/RHSA-2023:4948
reference_id	RHSA-2023:4948
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4948

reference_url	https://access.redhat.com/errata/RHSA-2023:4949
reference_id	RHSA-2023:4949
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4949

reference_url	https://access.redhat.com/errata/RHSA-2023:4950
reference_id	RHSA-2023:4950
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4950

reference_url	https://access.redhat.com/errata/RHSA-2023:4951
reference_id	RHSA-2023:4951
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4951

reference_url	https://access.redhat.com/errata/RHSA-2023:4952
reference_id	RHSA-2023:4952
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4952

reference_url	https://access.redhat.com/errata/RHSA-2023:4954
reference_id	RHSA-2023:4954
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4954

reference_url	https://access.redhat.com/errata/RHSA-2023:4955
reference_id	RHSA-2023:4955
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4955

reference_url	https://access.redhat.com/errata/RHSA-2023:4956
reference_id	RHSA-2023:4956
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4956

reference_url	https://access.redhat.com/errata/RHSA-2023:4957
reference_id	RHSA-2023:4957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4957

reference_url	https://access.redhat.com/errata/RHSA-2023:4958
reference_id	RHSA-2023:4958
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4958

reference_url	https://access.redhat.com/errata/RHSA-2023:4959
reference_id	RHSA-2023:4959
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4959

reference_url	https://access.redhat.com/errata/RHSA-2023:5019
reference_id	RHSA-2023:5019
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5019

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1846688

reference_id

show_bug.cgi?id=1846688

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:07:09Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1846688

reference_url	https://usn.ubuntu.com/6320-1/
reference_id	USN-6320-1
reference_type
scores
url	https://usn.ubuntu.com/6320-1/

reference_url	https://usn.ubuntu.com/6368-1/
reference_id	USN-6368-1
reference_type
scores
url	https://usn.ubuntu.com/6368-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-4574

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-91m7-6fjz-r3g3

url VCID-a2ev-h5zt-j7h5

vulnerability_id VCID-a2ev-h5zt-j7h5

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5728.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5728.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-5728

reference_id

reference_type

scores

value	0.00525
scoring_system	epss
scoring_elements	0.67412
published_at	2026-06-11T12:55:00Z

value	0.00525
scoring_system	epss
scoring_elements	0.67502
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-5728

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5721
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5721

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5724
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5724

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5725
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5725

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5728
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5728

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5730
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5730

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5732
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5732

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2245903
reference_id	2245903
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2245903

reference_url

reference_id

dsa-5535

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:34:03Z/

url

reference_url

reference_id

dsa-5538

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:34:03Z/

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-45

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

reference_id

mfsa2023-45

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-45

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-45/

reference_id

mfsa2023-45

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:34:03Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-45/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-46

reference_id

mfsa2023-46

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-46

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-46/

reference_id

mfsa2023-46

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:34:03Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-46/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-47

reference_id

mfsa2023-47

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-47

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-47/

reference_id

mfsa2023-47

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:34:03Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-47/

reference_url

https://lists.debian.org/debian-lts-announce/2023/10/msg00037.html

reference_id

msg00037.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:34:03Z/

url

https://lists.debian.org/debian-lts-announce/2023/10/msg00037.html

reference_url

https://lists.debian.org/debian-lts-announce/2023/10/msg00042.html

reference_id

msg00042.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:34:03Z/

url

https://lists.debian.org/debian-lts-announce/2023/10/msg00042.html

reference_url	https://access.redhat.com/errata/RHSA-2023:6162
reference_id	RHSA-2023:6162
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6162

reference_url	https://access.redhat.com/errata/RHSA-2023:6185
reference_id	RHSA-2023:6185
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6185

reference_url	https://access.redhat.com/errata/RHSA-2023:6186
reference_id	RHSA-2023:6186
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6186

reference_url	https://access.redhat.com/errata/RHSA-2023:6187
reference_id	RHSA-2023:6187
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6187

reference_url	https://access.redhat.com/errata/RHSA-2023:6188
reference_id	RHSA-2023:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6188

reference_url	https://access.redhat.com/errata/RHSA-2023:6189
reference_id	RHSA-2023:6189
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6189

reference_url	https://access.redhat.com/errata/RHSA-2023:6191
reference_id	RHSA-2023:6191
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6191

reference_url	https://access.redhat.com/errata/RHSA-2023:6194
reference_id	RHSA-2023:6194
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6194

reference_url	https://access.redhat.com/errata/RHSA-2023:6195
reference_id	RHSA-2023:6195
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6195

reference_url	https://access.redhat.com/errata/RHSA-2023:6196
reference_id	RHSA-2023:6196
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6196

reference_url	https://access.redhat.com/errata/RHSA-2023:6197
reference_id	RHSA-2023:6197
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6197

reference_url	https://access.redhat.com/errata/RHSA-2023:6198
reference_id	RHSA-2023:6198
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6198

reference_url	https://access.redhat.com/errata/RHSA-2023:6199
reference_id	RHSA-2023:6199
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6199

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1852729

reference_id

show_bug.cgi?id=1852729

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:34:03Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1852729

reference_url	https://usn.ubuntu.com/6456-1/
reference_id	USN-6456-1
reference_type
scores
url	https://usn.ubuntu.com/6456-1/

reference_url	https://usn.ubuntu.com/6468-1/
reference_id	USN-6468-1
reference_type
scores
url	https://usn.ubuntu.com/6468-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-5728

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a2ev-h5zt-j7h5

url VCID-adfe-j1mn-jyg8

vulnerability_id VCID-adfe-j1mn-jyg8

summary When the number of cookies per domain was exceeded in `document.cookie`, the actual cookie jar sent to the host was no longer consistent with expected cookie jar state. This could have caused requests to be sent with some cookies missing. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4055.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4055.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-4055

reference_id

reference_type

scores

value	0.00371
scoring_system	epss
scoring_elements	0.59448
published_at	2026-06-12T12:55:00Z

value	0.00371
scoring_system	epss
scoring_elements	0.59338
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-4055

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4045
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4045

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4046
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4046

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4047
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4047

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4048
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4048

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4049
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4049

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4050
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4050

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4055
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4055

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4056
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4056

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2228367
reference_id	2228367
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2228367

reference_url

reference_id

dsa-5464

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:30:02Z/

url

reference_url

reference_id

dsa-5469

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:30:02Z/

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-29

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

reference_id

mfsa2023-29

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-29

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-29/

reference_id

mfsa2023-29

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:30:02Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-29/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-30

reference_id

mfsa2023-30

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-30

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-30/

reference_id

mfsa2023-30

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:30:02Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-30/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-31

reference_id

mfsa2023-31

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-31

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-31/

reference_id

mfsa2023-31

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:30:02Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-31/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-32

reference_id

mfsa2023-32

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-32

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-33

reference_id

mfsa2023-33

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-33

reference_url

https://lists.debian.org/debian-lts-announce/2023/08/msg00008.html

reference_id

msg00008.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:30:02Z/

url

https://lists.debian.org/debian-lts-announce/2023/08/msg00008.html

reference_url

https://lists.debian.org/debian-lts-announce/2023/08/msg00010.html

reference_id

msg00010.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:30:02Z/

url

https://lists.debian.org/debian-lts-announce/2023/08/msg00010.html

reference_url	https://access.redhat.com/errata/RHSA-2023:4460
reference_id	RHSA-2023:4460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4460

reference_url	https://access.redhat.com/errata/RHSA-2023:4461
reference_id	RHSA-2023:4461
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4461

reference_url	https://access.redhat.com/errata/RHSA-2023:4462
reference_id	RHSA-2023:4462
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4462

reference_url	https://access.redhat.com/errata/RHSA-2023:4463
reference_id	RHSA-2023:4463
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4463

reference_url	https://access.redhat.com/errata/RHSA-2023:4464
reference_id	RHSA-2023:4464
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4464

reference_url	https://access.redhat.com/errata/RHSA-2023:4465
reference_id	RHSA-2023:4465
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4465

reference_url	https://access.redhat.com/errata/RHSA-2023:4468
reference_id	RHSA-2023:4468
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4468

reference_url	https://access.redhat.com/errata/RHSA-2023:4469
reference_id	RHSA-2023:4469
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4469

reference_url	https://access.redhat.com/errata/RHSA-2023:4492
reference_id	RHSA-2023:4492
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4492

reference_url	https://access.redhat.com/errata/RHSA-2023:4493
reference_id	RHSA-2023:4493
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4493

reference_url	https://access.redhat.com/errata/RHSA-2023:4494
reference_id	RHSA-2023:4494
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4494

reference_url	https://access.redhat.com/errata/RHSA-2023:4495
reference_id	RHSA-2023:4495
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4495

reference_url	https://access.redhat.com/errata/RHSA-2023:4496
reference_id	RHSA-2023:4496
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4496

reference_url	https://access.redhat.com/errata/RHSA-2023:4497
reference_id	RHSA-2023:4497
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4497

reference_url	https://access.redhat.com/errata/RHSA-2023:4499
reference_id	RHSA-2023:4499
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4499

reference_url	https://access.redhat.com/errata/RHSA-2023:4500
reference_id	RHSA-2023:4500
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4500

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1782561

reference_id

show_bug.cgi?id=1782561

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:30:02Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1782561

reference_url	https://usn.ubuntu.com/6267-1/
reference_id	USN-6267-1
reference_type
scores
url	https://usn.ubuntu.com/6267-1/

reference_url	https://usn.ubuntu.com/6333-1/
reference_id	USN-6333-1
reference_type
scores
url	https://usn.ubuntu.com/6333-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-4055

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-adfe-j1mn-jyg8

url VCID-bawb-xauy-4kb4

vulnerability_id VCID-bawb-xauy-4kb4

summary When `UpdateRegExpStatics` attempted to access `initialStringHeap` it could already have been garbage collected prior to entering the function, which could potentially have led to an exploitable crash. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4577.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4577.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-4577

reference_id

reference_type

scores

value	0.00102
scoring_system	epss
scoring_elements	0.27702
published_at	2026-06-12T12:55:00Z

value	0.00102
scoring_system	epss
scoring_elements	0.275
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-4577

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2236075
reference_id	2236075
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2236075

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-34

reference_id

mfsa2023-34

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-34

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-34/

reference_id

mfsa2023-34

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:02:33Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-34/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_id

mfsa2023-36

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_id

mfsa2023-36

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:02:33Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_id

mfsa2023-38

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_id

mfsa2023-38

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:02:33Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_url	https://access.redhat.com/errata/RHSA-2023:4945
reference_id	RHSA-2023:4945
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4945

reference_url	https://access.redhat.com/errata/RHSA-2023:4946
reference_id	RHSA-2023:4946
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4946

reference_url	https://access.redhat.com/errata/RHSA-2023:4947
reference_id	RHSA-2023:4947
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4947

reference_url	https://access.redhat.com/errata/RHSA-2023:4948
reference_id	RHSA-2023:4948
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4948

reference_url	https://access.redhat.com/errata/RHSA-2023:4949
reference_id	RHSA-2023:4949
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4949

reference_url	https://access.redhat.com/errata/RHSA-2023:4950
reference_id	RHSA-2023:4950
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4950

reference_url	https://access.redhat.com/errata/RHSA-2023:4951
reference_id	RHSA-2023:4951
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4951

reference_url	https://access.redhat.com/errata/RHSA-2023:4952
reference_id	RHSA-2023:4952
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4952

reference_url	https://access.redhat.com/errata/RHSA-2023:4954
reference_id	RHSA-2023:4954
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4954

reference_url	https://access.redhat.com/errata/RHSA-2023:4955
reference_id	RHSA-2023:4955
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4955

reference_url	https://access.redhat.com/errata/RHSA-2023:4956
reference_id	RHSA-2023:4956
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4956

reference_url	https://access.redhat.com/errata/RHSA-2023:4957
reference_id	RHSA-2023:4957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4957

reference_url	https://access.redhat.com/errata/RHSA-2023:4958
reference_id	RHSA-2023:4958
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4958

reference_url	https://access.redhat.com/errata/RHSA-2023:4959
reference_id	RHSA-2023:4959
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4959

reference_url	https://access.redhat.com/errata/RHSA-2023:5019
reference_id	RHSA-2023:5019
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5019

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1847397

reference_id

show_bug.cgi?id=1847397

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:02:33Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1847397

reference_url	https://usn.ubuntu.com/6320-1/
reference_id	USN-6320-1
reference_type
scores
url	https://usn.ubuntu.com/6320-1/

reference_url	https://usn.ubuntu.com/6405-1/
reference_id	USN-6405-1
reference_type
scores
url	https://usn.ubuntu.com/6405-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-4577

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bawb-xauy-4kb4

url VCID-bbef-dvqd-53gq

vulnerability_id VCID-bbef-dvqd-53gq

summary During Ion compilation, a Garbage Collection could have resulted in a use-after-free condition, allowing an attacker to write two NUL bytes, and cause a potentially exploitable crash. This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5171.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5171.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-5171

reference_id

reference_type

scores

value	0.0026
scoring_system	epss
scoring_elements	0.49701
published_at	2026-06-11T12:55:00Z

value	0.0026
scoring_system	epss
scoring_elements	0.49837
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-5171

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5169
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5169

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5171
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5171

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5176
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5176

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5217
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5217

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2240894
reference_id	2240894
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2240894

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/

reference_id

AY642Z6JZODQJE7Z62CFREVUHEGCXGPD

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-23T19:24:47Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/

reference_url

reference_id

dsa-5506

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-23T19:24:47Z/

url

reference_url

reference_id

dsa-5513

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-23T19:24:47Z/

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-41

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

reference_id

mfsa2023-41

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-41

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-41/

reference_id

mfsa2023-41

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-23T19:24:47Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-41/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-42

reference_id

mfsa2023-42

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-42

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-42/

reference_id

mfsa2023-42

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-23T19:24:47Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-42/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-43

reference_id

mfsa2023-43

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-43

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-43/

reference_id

mfsa2023-43

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-23T19:24:47Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-43/

reference_url

https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html

reference_id

msg00015.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-23T19:24:47Z/

url

https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html

reference_url

https://lists.debian.org/debian-lts-announce/2023/09/msg00034.html

reference_id

msg00034.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-23T19:24:47Z/

url

https://lists.debian.org/debian-lts-announce/2023/09/msg00034.html

reference_url	https://access.redhat.com/errata/RHSA-2023:5426
reference_id	RHSA-2023:5426
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5426

reference_url	https://access.redhat.com/errata/RHSA-2023:5427
reference_id	RHSA-2023:5427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5427

reference_url	https://access.redhat.com/errata/RHSA-2023:5428
reference_id	RHSA-2023:5428
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5428

reference_url	https://access.redhat.com/errata/RHSA-2023:5429
reference_id	RHSA-2023:5429
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5429

reference_url	https://access.redhat.com/errata/RHSA-2023:5430
reference_id	RHSA-2023:5430
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5430

reference_url	https://access.redhat.com/errata/RHSA-2023:5432
reference_id	RHSA-2023:5432
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5432

reference_url	https://access.redhat.com/errata/RHSA-2023:5433
reference_id	RHSA-2023:5433
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5433

reference_url	https://access.redhat.com/errata/RHSA-2023:5434
reference_id	RHSA-2023:5434
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5434

reference_url	https://access.redhat.com/errata/RHSA-2023:5435
reference_id	RHSA-2023:5435
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5435

reference_url	https://access.redhat.com/errata/RHSA-2023:5436
reference_id	RHSA-2023:5436
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5436

reference_url	https://access.redhat.com/errata/RHSA-2023:5437
reference_id	RHSA-2023:5437
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5437

reference_url	https://access.redhat.com/errata/RHSA-2023:5438
reference_id	RHSA-2023:5438
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5438

reference_url	https://access.redhat.com/errata/RHSA-2023:5439
reference_id	RHSA-2023:5439
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5439

reference_url	https://access.redhat.com/errata/RHSA-2023:5440
reference_id	RHSA-2023:5440
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5440

reference_url	https://access.redhat.com/errata/RHSA-2023:5475
reference_id	RHSA-2023:5475
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5475

reference_url	https://access.redhat.com/errata/RHSA-2023:5477
reference_id	RHSA-2023:5477
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5477

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1851599

reference_id

show_bug.cgi?id=1851599

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-23T19:24:47Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1851599

reference_url	https://usn.ubuntu.com/6404-1/
reference_id	USN-6404-1
reference_type
scores
url	https://usn.ubuntu.com/6404-1/

reference_url	https://usn.ubuntu.com/6405-1/
reference_id	USN-6405-1
reference_type
scores
url	https://usn.ubuntu.com/6405-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-5171

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bbef-dvqd-53gq

url VCID-c2yr-56yz-1ye2

vulnerability_id VCID-c2yr-56yz-1ye2

summary Memory safety bugs present in Firefox 115, Firefox ESR 115.0, and Thunderbird 115.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 116, Firefox ESR < 115.1, and Thunderbird < 115.1.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4057.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4057.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-4057

reference_id

reference_type

scores

value	0.0023
scoring_system	epss
scoring_elements	0.46074
published_at	2026-06-12T12:55:00Z

value	0.0023
scoring_system	epss
scoring_elements	0.45929
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-4057

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2228371
reference_id	2228371
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2228371

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-29

reference_id

mfsa2023-29

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-29

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-29/

reference_id

mfsa2023-29

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-22T14:20:29Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-29/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-31

reference_id

mfsa2023-31

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-31

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-31/

reference_id

mfsa2023-31

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-22T14:20:29Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-31/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-33

reference_id

mfsa2023-33

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-33

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-33/

reference_id

mfsa2023-33

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-22T14:20:29Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-33/

reference_url	https://access.redhat.com/errata/RHSA-2023:4460
reference_id	RHSA-2023:4460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4460

reference_url	https://access.redhat.com/errata/RHSA-2023:4461
reference_id	RHSA-2023:4461
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4461

reference_url	https://access.redhat.com/errata/RHSA-2023:4462
reference_id	RHSA-2023:4462
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4462

reference_url	https://access.redhat.com/errata/RHSA-2023:4463
reference_id	RHSA-2023:4463
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4463

reference_url	https://access.redhat.com/errata/RHSA-2023:4464
reference_id	RHSA-2023:4464
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4464

reference_url	https://access.redhat.com/errata/RHSA-2023:4465
reference_id	RHSA-2023:4465
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4465

reference_url	https://access.redhat.com/errata/RHSA-2023:4468
reference_id	RHSA-2023:4468
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4468

reference_url	https://access.redhat.com/errata/RHSA-2023:4469
reference_id	RHSA-2023:4469
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4469

reference_url	https://access.redhat.com/errata/RHSA-2023:4492
reference_id	RHSA-2023:4492
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4492

reference_url	https://access.redhat.com/errata/RHSA-2023:4493
reference_id	RHSA-2023:4493
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4493

reference_url	https://access.redhat.com/errata/RHSA-2023:4494
reference_id	RHSA-2023:4494
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4494

reference_url	https://access.redhat.com/errata/RHSA-2023:4495
reference_id	RHSA-2023:4495
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4495

reference_url	https://access.redhat.com/errata/RHSA-2023:4496
reference_id	RHSA-2023:4496
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4496

reference_url	https://access.redhat.com/errata/RHSA-2023:4497
reference_id	RHSA-2023:4497
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4497

reference_url	https://access.redhat.com/errata/RHSA-2023:4499
reference_id	RHSA-2023:4499
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4499

reference_url	https://access.redhat.com/errata/RHSA-2023:4500
reference_id	RHSA-2023:4500
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4500

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1841682

reference_id

show_bug.cgi?id=1841682

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-22T14:20:29Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1841682

reference_url	https://usn.ubuntu.com/6267-1/
reference_id	USN-6267-1
reference_type
scores
url	https://usn.ubuntu.com/6267-1/

reference_url	https://usn.ubuntu.com/6405-1/
reference_id	USN-6405-1
reference_type
scores
url	https://usn.ubuntu.com/6405-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-4057

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c2yr-56yz-1ye2

url VCID-dgw2-jdmf-aqbg

vulnerability_id VCID-dgw2-jdmf-aqbg

summary Memory safety bugs present in Firefox 116, Firefox ESR 115.1, and Thunderbird 115.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4585.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4585.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-4585

reference_id

reference_type

scores

value	0.00203
scoring_system	epss
scoring_elements	0.42575
published_at	2026-06-12T12:55:00Z

value	0.00203
scoring_system	epss
scoring_elements	0.42412
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-4585

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2236086
reference_id	2236086
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2236086

reference_url

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1751583%2C1841082%2C1847904%2C1848999

reference_id

buglist.cgi?bug_id=1751583%2C1841082%2C1847904%2C1848999

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T19:08:38Z/

url

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1751583%2C1841082%2C1847904%2C1848999

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-34

reference_id

mfsa2023-34

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-34

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-34/

reference_id

mfsa2023-34

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T19:08:38Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-34/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_id

mfsa2023-36

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_id

mfsa2023-36

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T19:08:38Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_id

mfsa2023-38

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_id

mfsa2023-38

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T19:08:38Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_url	https://access.redhat.com/errata/RHSA-2023:4945
reference_id	RHSA-2023:4945
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4945

reference_url	https://access.redhat.com/errata/RHSA-2023:4946
reference_id	RHSA-2023:4946
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4946

reference_url	https://access.redhat.com/errata/RHSA-2023:4947
reference_id	RHSA-2023:4947
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4947

reference_url	https://access.redhat.com/errata/RHSA-2023:4948
reference_id	RHSA-2023:4948
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4948

reference_url	https://access.redhat.com/errata/RHSA-2023:4949
reference_id	RHSA-2023:4949
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4949

reference_url	https://access.redhat.com/errata/RHSA-2023:4950
reference_id	RHSA-2023:4950
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4950

reference_url	https://access.redhat.com/errata/RHSA-2023:4951
reference_id	RHSA-2023:4951
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4951

reference_url	https://access.redhat.com/errata/RHSA-2023:4952
reference_id	RHSA-2023:4952
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4952

reference_url	https://access.redhat.com/errata/RHSA-2023:4954
reference_id	RHSA-2023:4954
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4954

reference_url	https://access.redhat.com/errata/RHSA-2023:4955
reference_id	RHSA-2023:4955
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4955

reference_url	https://access.redhat.com/errata/RHSA-2023:4956
reference_id	RHSA-2023:4956
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4956

reference_url	https://access.redhat.com/errata/RHSA-2023:4957
reference_id	RHSA-2023:4957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4957

reference_url	https://access.redhat.com/errata/RHSA-2023:4958
reference_id	RHSA-2023:4958
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4958

reference_url	https://access.redhat.com/errata/RHSA-2023:4959
reference_id	RHSA-2023:4959
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4959

reference_url	https://access.redhat.com/errata/RHSA-2023:5019
reference_id	RHSA-2023:5019
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5019

reference_url	https://usn.ubuntu.com/6320-1/
reference_id	USN-6320-1
reference_type
scores
url	https://usn.ubuntu.com/6320-1/

reference_url	https://usn.ubuntu.com/6405-1/
reference_id	USN-6405-1
reference_type
scores
url	https://usn.ubuntu.com/6405-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-4585

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dgw2-jdmf-aqbg

url VCID-djuy-gqk8-5yfs

vulnerability_id VCID-djuy-gqk8-5yfs

summary Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4584.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4584.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-4584

reference_id

reference_type

scores

value	0.00292
scoring_system	epss
scoring_elements	0.52961
published_at	2026-06-11T12:55:00Z

value	0.00292
scoring_system	epss
scoring_elements	0.5309
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-4584

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4573
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4573

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4574
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4574

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4575
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4575

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4581
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4581

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4584
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4584

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2236084
reference_id	2236084
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2236084

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-34

reference_id

mfsa2023-34

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-34

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-35

reference_id

mfsa2023-35

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-35

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_id

mfsa2023-36

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-37

reference_id

mfsa2023-37

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-37

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_id

mfsa2023-38

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_url	https://access.redhat.com/errata/RHSA-2023:4945
reference_id	RHSA-2023:4945
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4945

reference_url	https://access.redhat.com/errata/RHSA-2023:4946
reference_id	RHSA-2023:4946
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4946

reference_url	https://access.redhat.com/errata/RHSA-2023:4947
reference_id	RHSA-2023:4947
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4947

reference_url	https://access.redhat.com/errata/RHSA-2023:4948
reference_id	RHSA-2023:4948
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4948

reference_url	https://access.redhat.com/errata/RHSA-2023:4949
reference_id	RHSA-2023:4949
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4949

reference_url	https://access.redhat.com/errata/RHSA-2023:4950
reference_id	RHSA-2023:4950
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4950

reference_url	https://access.redhat.com/errata/RHSA-2023:4951
reference_id	RHSA-2023:4951
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4951

reference_url	https://access.redhat.com/errata/RHSA-2023:4952
reference_id	RHSA-2023:4952
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4952

reference_url	https://access.redhat.com/errata/RHSA-2023:4954
reference_id	RHSA-2023:4954
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4954

reference_url	https://access.redhat.com/errata/RHSA-2023:4955
reference_id	RHSA-2023:4955
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4955

reference_url	https://access.redhat.com/errata/RHSA-2023:4956
reference_id	RHSA-2023:4956
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4956

reference_url	https://access.redhat.com/errata/RHSA-2023:4957
reference_id	RHSA-2023:4957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4957

reference_url	https://access.redhat.com/errata/RHSA-2023:4958
reference_id	RHSA-2023:4958
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4958

reference_url	https://access.redhat.com/errata/RHSA-2023:4959
reference_id	RHSA-2023:4959
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4959

reference_url	https://access.redhat.com/errata/RHSA-2023:5019
reference_id	RHSA-2023:5019
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5019

reference_url	https://usn.ubuntu.com/6320-1/
reference_id	USN-6320-1
reference_type
scores
url	https://usn.ubuntu.com/6320-1/

reference_url	https://usn.ubuntu.com/6368-1/
reference_id	USN-6368-1
reference_type
scores
url	https://usn.ubuntu.com/6368-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-4584

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-djuy-gqk8-5yfs

url VCID-dt8s-dgam-juhm

vulnerability_id VCID-dt8s-dgam-juhm

summary An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0741.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0741.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-0741

reference_id

reference_type

scores

value	0.47284
scoring_system	epss
scoring_elements	0.97771
published_at	2026-06-12T12:55:00Z

value	0.47284
scoring_system	epss
scoring_elements	0.97762
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-0741

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0741
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0741

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0742
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0742

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0746
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0746

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0747
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0747

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0749
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0749

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0750
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0750

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0751
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0751

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0753
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0753

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0755
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0755

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2259926
reference_id	2259926
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2259926

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url	https://security.gentoo.org/glsa/202402-26
reference_id	GLSA-202402-26
reference_type
scores
url	https://security.gentoo.org/glsa/202402-26

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-01

reference_id

mfsa2024-01

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-01

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-01/

reference_id

mfsa2024-01

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:35:29Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-01/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-02

reference_id

mfsa2024-02

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-02

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-02/

reference_id

mfsa2024-02

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:35:29Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-02/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-04

reference_id

mfsa2024-04

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-04

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-04/

reference_id

mfsa2024-04

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:35:29Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-04/

reference_url

https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html

reference_id

msg00015.html

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:35:29Z/

url

https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html

reference_id

msg00022.html

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:35:29Z/

url

https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html

reference_url	https://access.redhat.com/errata/RHSA-2024:0559
reference_id	RHSA-2024:0559
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0559

reference_url	https://access.redhat.com/errata/RHSA-2024:0565
reference_id	RHSA-2024:0565
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0565

reference_url	https://access.redhat.com/errata/RHSA-2024:0596
reference_id	RHSA-2024:0596
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0596

reference_url	https://access.redhat.com/errata/RHSA-2024:0598
reference_id	RHSA-2024:0598
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0598

reference_url	https://access.redhat.com/errata/RHSA-2024:0600
reference_id	RHSA-2024:0600
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0600

reference_url	https://access.redhat.com/errata/RHSA-2024:0601
reference_id	RHSA-2024:0601
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0601

reference_url	https://access.redhat.com/errata/RHSA-2024:0602
reference_id	RHSA-2024:0602
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0602

reference_url	https://access.redhat.com/errata/RHSA-2024:0603
reference_id	RHSA-2024:0603
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0603

reference_url	https://access.redhat.com/errata/RHSA-2024:0604
reference_id	RHSA-2024:0604
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0604

reference_url	https://access.redhat.com/errata/RHSA-2024:0605
reference_id	RHSA-2024:0605
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0605

reference_url	https://access.redhat.com/errata/RHSA-2024:0608
reference_id	RHSA-2024:0608
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0608

reference_url	https://access.redhat.com/errata/RHSA-2024:0609
reference_id	RHSA-2024:0609
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0609

reference_url	https://access.redhat.com/errata/RHSA-2024:0615
reference_id	RHSA-2024:0615
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0615

reference_url	https://access.redhat.com/errata/RHSA-2024:0616
reference_id	RHSA-2024:0616
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0616

reference_url	https://access.redhat.com/errata/RHSA-2024:0618
reference_id	RHSA-2024:0618
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0618

reference_url	https://access.redhat.com/errata/RHSA-2024:0619
reference_id	RHSA-2024:0619
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0619

reference_url	https://access.redhat.com/errata/RHSA-2024:0622
reference_id	RHSA-2024:0622
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0622

reference_url	https://access.redhat.com/errata/RHSA-2024:0623
reference_id	RHSA-2024:0623
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0623

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1864587

reference_id

show_bug.cgi?id=1864587

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:35:29Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1864587

reference_url	https://usn.ubuntu.com/6610-1/
reference_id	USN-6610-1
reference_type
scores
url	https://usn.ubuntu.com/6610-1/

reference_url	https://usn.ubuntu.com/6669-1/
reference_id	USN-6669-1
reference_type
scores
url	https://usn.ubuntu.com/6669-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2024-0741

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dt8s-dgam-juhm

url VCID-e52n-uq1g-gfbp

vulnerability_id VCID-e52n-uq1g-gfbp

summary Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6208.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6208.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-6208

reference_id

reference_type

scores

value	0.00374
scoring_system	epss
scoring_elements	0.59487
published_at	2026-06-11T12:55:00Z

value	0.00374
scoring_system	epss
scoring_elements	0.59597
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-6208

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6204
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6204

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6205
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6205

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6206
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6206

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6207
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6207

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6208
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6208

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6209
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6209

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6212
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6212

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2250900
reference_id	2250900
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2250900

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-49

reference_id

mfsa2023-49

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-49

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-50

reference_id

mfsa2023-50

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-50

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-52

reference_id

mfsa2023-52

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-52

reference_url	https://access.redhat.com/errata/RHSA-2023:7499
reference_id	RHSA-2023:7499
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7499

reference_url	https://access.redhat.com/errata/RHSA-2023:7500
reference_id	RHSA-2023:7500
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7500

reference_url	https://access.redhat.com/errata/RHSA-2023:7501
reference_id	RHSA-2023:7501
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7501

reference_url	https://access.redhat.com/errata/RHSA-2023:7502
reference_id	RHSA-2023:7502
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7502

reference_url	https://access.redhat.com/errata/RHSA-2023:7503
reference_id	RHSA-2023:7503
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7503

reference_url	https://access.redhat.com/errata/RHSA-2023:7504
reference_id	RHSA-2023:7504
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7504

reference_url	https://access.redhat.com/errata/RHSA-2023:7505
reference_id	RHSA-2023:7505
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7505

reference_url	https://access.redhat.com/errata/RHSA-2023:7506
reference_id	RHSA-2023:7506
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7506

reference_url	https://access.redhat.com/errata/RHSA-2023:7507
reference_id	RHSA-2023:7507
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7507

reference_url	https://access.redhat.com/errata/RHSA-2023:7508
reference_id	RHSA-2023:7508
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7508

reference_url	https://access.redhat.com/errata/RHSA-2023:7509
reference_id	RHSA-2023:7509
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7509

reference_url	https://access.redhat.com/errata/RHSA-2023:7510
reference_id	RHSA-2023:7510
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7510

reference_url	https://access.redhat.com/errata/RHSA-2023:7511
reference_id	RHSA-2023:7511
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7511

reference_url	https://access.redhat.com/errata/RHSA-2023:7512
reference_id	RHSA-2023:7512
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7512

reference_url	https://access.redhat.com/errata/RHSA-2023:7547
reference_id	RHSA-2023:7547
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7547

reference_url	https://access.redhat.com/errata/RHSA-2023:7569
reference_id	RHSA-2023:7569
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7569

reference_url	https://access.redhat.com/errata/RHSA-2023:7570
reference_id	RHSA-2023:7570
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7570

reference_url	https://access.redhat.com/errata/RHSA-2023:7573
reference_id	RHSA-2023:7573
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7573

reference_url	https://access.redhat.com/errata/RHSA-2023:7574
reference_id	RHSA-2023:7574
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7574

reference_url	https://access.redhat.com/errata/RHSA-2023:7577
reference_id	RHSA-2023:7577
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7577

reference_url	https://usn.ubuntu.com/6509-1/
reference_id	USN-6509-1
reference_type
scores
url	https://usn.ubuntu.com/6509-1/

reference_url	https://usn.ubuntu.com/6515-1/
reference_id	USN-6515-1
reference_type
scores
url	https://usn.ubuntu.com/6515-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-6208

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e52n-uq1g-gfbp

url VCID-egfk-7wmv-xqdh

vulnerability_id VCID-egfk-7wmv-xqdh

summary A malicious devtools extension could have been used to escalate privileges. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0751.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0751.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-0751

reference_id

reference_type

scores

value	0.00499
scoring_system	epss
scoring_elements	0.6645
published_at	2026-06-12T12:55:00Z

value	0.00499
scoring_system	epss
scoring_elements	0.66356
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-0751

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0741
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0741

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0742
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0742

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0746
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0746

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0747
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0747

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0749
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0749

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0750
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0750

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0751
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0751

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0753
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0753

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0755
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0755

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2259932
reference_id	2259932
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2259932

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url	https://security.gentoo.org/glsa/202402-26
reference_id	GLSA-202402-26
reference_type
scores
url	https://security.gentoo.org/glsa/202402-26

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-01

reference_id

mfsa2024-01

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-01

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-01/

reference_id

mfsa2024-01

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-06T05:00:16Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-01/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-02

reference_id

mfsa2024-02

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-02

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-02/

reference_id

mfsa2024-02

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-06T05:00:16Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-02/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-04

reference_id

mfsa2024-04

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-04

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-04/

reference_id

mfsa2024-04

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-06T05:00:16Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-04/

reference_url

https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html

reference_id

msg00015.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-06T05:00:16Z/

url

https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html

reference_id

msg00022.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-06T05:00:16Z/

url

https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html

reference_url	https://access.redhat.com/errata/RHSA-2024:0559
reference_id	RHSA-2024:0559
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0559

reference_url	https://access.redhat.com/errata/RHSA-2024:0565
reference_id	RHSA-2024:0565
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0565

reference_url	https://access.redhat.com/errata/RHSA-2024:0596
reference_id	RHSA-2024:0596
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0596

reference_url	https://access.redhat.com/errata/RHSA-2024:0598
reference_id	RHSA-2024:0598
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0598

reference_url	https://access.redhat.com/errata/RHSA-2024:0600
reference_id	RHSA-2024:0600
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0600

reference_url	https://access.redhat.com/errata/RHSA-2024:0601
reference_id	RHSA-2024:0601
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0601

reference_url	https://access.redhat.com/errata/RHSA-2024:0602
reference_id	RHSA-2024:0602
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0602

reference_url	https://access.redhat.com/errata/RHSA-2024:0603
reference_id	RHSA-2024:0603
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0603

reference_url	https://access.redhat.com/errata/RHSA-2024:0604
reference_id	RHSA-2024:0604
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0604

reference_url	https://access.redhat.com/errata/RHSA-2024:0605
reference_id	RHSA-2024:0605
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0605

reference_url	https://access.redhat.com/errata/RHSA-2024:0608
reference_id	RHSA-2024:0608
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0608

reference_url	https://access.redhat.com/errata/RHSA-2024:0609
reference_id	RHSA-2024:0609
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0609

reference_url	https://access.redhat.com/errata/RHSA-2024:0615
reference_id	RHSA-2024:0615
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0615

reference_url	https://access.redhat.com/errata/RHSA-2024:0616
reference_id	RHSA-2024:0616
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0616

reference_url	https://access.redhat.com/errata/RHSA-2024:0618
reference_id	RHSA-2024:0618
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0618

reference_url	https://access.redhat.com/errata/RHSA-2024:0619
reference_id	RHSA-2024:0619
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0619

reference_url	https://access.redhat.com/errata/RHSA-2024:0622
reference_id	RHSA-2024:0622
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0622

reference_url	https://access.redhat.com/errata/RHSA-2024:0623
reference_id	RHSA-2024:0623
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0623

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1865689

reference_id

show_bug.cgi?id=1865689

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-06T05:00:16Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1865689

reference_url	https://usn.ubuntu.com/6610-1/
reference_id	USN-6610-1
reference_type
scores
url	https://usn.ubuntu.com/6610-1/

reference_url	https://usn.ubuntu.com/6669-1/
reference_id	USN-6669-1
reference_type
scores
url	https://usn.ubuntu.com/6669-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2024-0751

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-egfk-7wmv-xqdh

url VCID-ej4n-w59v-vfab

vulnerability_id VCID-ej4n-w59v-vfab

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0750.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0750.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-0750

reference_id

reference_type

scores

value	0.01363
scoring_system	epss
scoring_elements	0.80593
published_at	2026-06-11T12:55:00Z

value	0.01363
scoring_system	epss
scoring_elements	0.80653
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-0750

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0741
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0741

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0742
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0742

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0746
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0746

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0747
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0747

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0749
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0749

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0750
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0750

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0751
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0751

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0753
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0753

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0755
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0755

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2259931
reference_id	2259931
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2259931

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url	https://security.gentoo.org/glsa/202402-26
reference_id	GLSA-202402-26
reference_type
scores
url	https://security.gentoo.org/glsa/202402-26

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-01

reference_id

mfsa2024-01

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-01

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-01/

reference_id

mfsa2024-01

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-06T05:00:17Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-01/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-02

reference_id

mfsa2024-02

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-02

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-02/

reference_id

mfsa2024-02

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-06T05:00:17Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-02/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-04

reference_id

mfsa2024-04

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-04

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-04/

reference_id

mfsa2024-04

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-06T05:00:17Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-04/

reference_url

https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html

reference_id

msg00015.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-06T05:00:17Z/

url

https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html

reference_id

msg00022.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-06T05:00:17Z/

url

https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html

reference_url	https://access.redhat.com/errata/RHSA-2024:0559
reference_id	RHSA-2024:0559
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0559

reference_url	https://access.redhat.com/errata/RHSA-2024:0565
reference_id	RHSA-2024:0565
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0565

reference_url	https://access.redhat.com/errata/RHSA-2024:0596
reference_id	RHSA-2024:0596
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0596

reference_url	https://access.redhat.com/errata/RHSA-2024:0598
reference_id	RHSA-2024:0598
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0598

reference_url	https://access.redhat.com/errata/RHSA-2024:0600
reference_id	RHSA-2024:0600
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0600

reference_url	https://access.redhat.com/errata/RHSA-2024:0601
reference_id	RHSA-2024:0601
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0601

reference_url	https://access.redhat.com/errata/RHSA-2024:0602
reference_id	RHSA-2024:0602
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0602

reference_url	https://access.redhat.com/errata/RHSA-2024:0603
reference_id	RHSA-2024:0603
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0603

reference_url	https://access.redhat.com/errata/RHSA-2024:0604
reference_id	RHSA-2024:0604
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0604

reference_url	https://access.redhat.com/errata/RHSA-2024:0605
reference_id	RHSA-2024:0605
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0605

reference_url	https://access.redhat.com/errata/RHSA-2024:0608
reference_id	RHSA-2024:0608
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0608

reference_url	https://access.redhat.com/errata/RHSA-2024:0609
reference_id	RHSA-2024:0609
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0609

reference_url	https://access.redhat.com/errata/RHSA-2024:0615
reference_id	RHSA-2024:0615
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0615

reference_url	https://access.redhat.com/errata/RHSA-2024:0616
reference_id	RHSA-2024:0616
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0616

reference_url	https://access.redhat.com/errata/RHSA-2024:0618
reference_id	RHSA-2024:0618
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0618

reference_url	https://access.redhat.com/errata/RHSA-2024:0619
reference_id	RHSA-2024:0619
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0619

reference_url	https://access.redhat.com/errata/RHSA-2024:0622
reference_id	RHSA-2024:0622
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0622

reference_url	https://access.redhat.com/errata/RHSA-2024:0623
reference_id	RHSA-2024:0623
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0623

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1863083

reference_id

show_bug.cgi?id=1863083

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-06T05:00:17Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1863083

reference_url	https://usn.ubuntu.com/6610-1/
reference_id	USN-6610-1
reference_type
scores
url	https://usn.ubuntu.com/6610-1/

reference_url	https://usn.ubuntu.com/6669-1/
reference_id	USN-6669-1
reference_type
scores
url	https://usn.ubuntu.com/6669-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2024-0750

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ej4n-w59v-vfab

url VCID-emg3-zrwj-ffah

vulnerability_id VCID-emg3-zrwj-ffah

summary A compromised content process could have provided malicious data in a `PathRecording` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5169.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5169.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-5169

reference_id

reference_type

scores

value	0.0024
scoring_system	epss
scoring_elements	0.47325
published_at	2026-06-11T12:55:00Z

value	0.0024
scoring_system	epss
scoring_elements	0.47466
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-5169

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5169
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5169

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5171
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5171

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5176
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5176

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5217
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5217

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2240893
reference_id	2240893
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2240893

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/

reference_id

AY642Z6JZODQJE7Z62CFREVUHEGCXGPD

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-23T19:25:15Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/

reference_url

reference_id

dsa-5506

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-23T19:25:15Z/

url

reference_url

reference_id

dsa-5513

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-23T19:25:15Z/

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-41

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

reference_id

mfsa2023-41

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-41

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-41/

reference_id

mfsa2023-41

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-23T19:25:15Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-41/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-42

reference_id

mfsa2023-42

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-42

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-42/

reference_id

mfsa2023-42

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-23T19:25:15Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-42/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-43

reference_id

mfsa2023-43

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-43

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-43/

reference_id

mfsa2023-43

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-23T19:25:15Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-43/

reference_url

https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html

reference_id

msg00015.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-23T19:25:15Z/

url

https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html

reference_url

https://lists.debian.org/debian-lts-announce/2023/09/msg00034.html

reference_id

msg00034.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-23T19:25:15Z/

url

https://lists.debian.org/debian-lts-announce/2023/09/msg00034.html

reference_url	https://access.redhat.com/errata/RHSA-2023:5426
reference_id	RHSA-2023:5426
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5426

reference_url	https://access.redhat.com/errata/RHSA-2023:5427
reference_id	RHSA-2023:5427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5427

reference_url	https://access.redhat.com/errata/RHSA-2023:5428
reference_id	RHSA-2023:5428
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5428

reference_url	https://access.redhat.com/errata/RHSA-2023:5429
reference_id	RHSA-2023:5429
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5429

reference_url	https://access.redhat.com/errata/RHSA-2023:5430
reference_id	RHSA-2023:5430
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5430

reference_url	https://access.redhat.com/errata/RHSA-2023:5432
reference_id	RHSA-2023:5432
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5432

reference_url	https://access.redhat.com/errata/RHSA-2023:5433
reference_id	RHSA-2023:5433
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5433

reference_url	https://access.redhat.com/errata/RHSA-2023:5434
reference_id	RHSA-2023:5434
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5434

reference_url	https://access.redhat.com/errata/RHSA-2023:5435
reference_id	RHSA-2023:5435
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5435

reference_url	https://access.redhat.com/errata/RHSA-2023:5436
reference_id	RHSA-2023:5436
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5436

reference_url	https://access.redhat.com/errata/RHSA-2023:5437
reference_id	RHSA-2023:5437
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5437

reference_url	https://access.redhat.com/errata/RHSA-2023:5438
reference_id	RHSA-2023:5438
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5438

reference_url	https://access.redhat.com/errata/RHSA-2023:5439
reference_id	RHSA-2023:5439
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5439

reference_url	https://access.redhat.com/errata/RHSA-2023:5440
reference_id	RHSA-2023:5440
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5440

reference_url	https://access.redhat.com/errata/RHSA-2023:5475
reference_id	RHSA-2023:5475
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5475

reference_url	https://access.redhat.com/errata/RHSA-2023:5477
reference_id	RHSA-2023:5477
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5477

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1846685

reference_id

show_bug.cgi?id=1846685

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-23T19:25:15Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1846685

reference_url	https://usn.ubuntu.com/6404-1/
reference_id	USN-6404-1
reference_type
scores
url	https://usn.ubuntu.com/6404-1/

reference_url	https://usn.ubuntu.com/6405-1/
reference_id	USN-6405-1
reference_type
scores
url	https://usn.ubuntu.com/6405-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-5169

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-emg3-zrwj-ffah

url VCID-eten-9z5q-m3ar

vulnerability_id VCID-eten-9z5q-m3ar

summary Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6206.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6206.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-6206

reference_id

reference_type

scores

value	0.00428
scoring_system	epss
scoring_elements	0.62867
published_at	2026-06-11T12:55:00Z

value	0.00428
scoring_system	epss
scoring_elements	0.62968
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-6206

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6204
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6204

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6205
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6205

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6206
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6206

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6207
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6207

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6208
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6208

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6209
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6209

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6212
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6212

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2250898
reference_id	2250898
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2250898

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-49

reference_id

mfsa2023-49

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-49

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-50

reference_id

mfsa2023-50

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-50

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-52

reference_id

mfsa2023-52

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-52

reference_url	https://access.redhat.com/errata/RHSA-2023:7499
reference_id	RHSA-2023:7499
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7499

reference_url	https://access.redhat.com/errata/RHSA-2023:7500
reference_id	RHSA-2023:7500
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7500

reference_url	https://access.redhat.com/errata/RHSA-2023:7501
reference_id	RHSA-2023:7501
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7501

reference_url	https://access.redhat.com/errata/RHSA-2023:7502
reference_id	RHSA-2023:7502
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7502

reference_url	https://access.redhat.com/errata/RHSA-2023:7503
reference_id	RHSA-2023:7503
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7503

reference_url	https://access.redhat.com/errata/RHSA-2023:7504
reference_id	RHSA-2023:7504
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7504

reference_url	https://access.redhat.com/errata/RHSA-2023:7505
reference_id	RHSA-2023:7505
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7505

reference_url	https://access.redhat.com/errata/RHSA-2023:7506
reference_id	RHSA-2023:7506
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7506

reference_url	https://access.redhat.com/errata/RHSA-2023:7507
reference_id	RHSA-2023:7507
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7507

reference_url	https://access.redhat.com/errata/RHSA-2023:7508
reference_id	RHSA-2023:7508
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7508

reference_url	https://access.redhat.com/errata/RHSA-2023:7509
reference_id	RHSA-2023:7509
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7509

reference_url	https://access.redhat.com/errata/RHSA-2023:7510
reference_id	RHSA-2023:7510
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7510

reference_url	https://access.redhat.com/errata/RHSA-2023:7511
reference_id	RHSA-2023:7511
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7511

reference_url	https://access.redhat.com/errata/RHSA-2023:7512
reference_id	RHSA-2023:7512
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7512

reference_url	https://access.redhat.com/errata/RHSA-2023:7547
reference_id	RHSA-2023:7547
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7547

reference_url	https://access.redhat.com/errata/RHSA-2023:7569
reference_id	RHSA-2023:7569
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7569

reference_url	https://access.redhat.com/errata/RHSA-2023:7570
reference_id	RHSA-2023:7570
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7570

reference_url	https://access.redhat.com/errata/RHSA-2023:7573
reference_id	RHSA-2023:7573
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7573

reference_url	https://access.redhat.com/errata/RHSA-2023:7574
reference_id	RHSA-2023:7574
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7574

reference_url	https://access.redhat.com/errata/RHSA-2023:7577
reference_id	RHSA-2023:7577
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7577

reference_url	https://usn.ubuntu.com/6509-1/
reference_id	USN-6509-1
reference_type
scores
url	https://usn.ubuntu.com/6509-1/

reference_url	https://usn.ubuntu.com/6515-1/
reference_id	USN-6515-1
reference_type
scores
url	https://usn.ubuntu.com/6515-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-6206

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eten-9z5q-m3ar

url VCID-ev38-kcd1-6ycx

vulnerability_id VCID-ev38-kcd1-6ycx

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3417.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3417.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-3417

reference_id

reference_type

scores

value	0.00205
scoring_system	epss
scoring_elements	0.42647
published_at	2026-06-11T12:55:00Z

value	0.00205
scoring_system	epss
scoring_elements	0.42808
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-3417

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3417
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3417

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2225325
reference_id	2225325
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2225325

reference_url

https://www.debian.org/security/2023/dsa-5463

reference_id

dsa-5463

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-25T18:54:00Z/

url

https://www.debian.org/security/2023/dsa-5463

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-27

reference_id

mfsa2023-27

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-27

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-27/

reference_id

mfsa2023-27

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-25T18:54:00Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-27/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-28

reference_id

mfsa2023-28

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-28

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-28/

reference_id

mfsa2023-28

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-25T18:54:00Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-28/

reference_url

https://lists.debian.org/debian-lts-announce/2023/07/msg00032.html

reference_id

msg00032.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-25T18:54:00Z/

url

https://lists.debian.org/debian-lts-announce/2023/07/msg00032.html

reference_url	https://access.redhat.com/errata/RHSA-2023:4492
reference_id	RHSA-2023:4492
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4492

reference_url	https://access.redhat.com/errata/RHSA-2023:4493
reference_id	RHSA-2023:4493
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4493

reference_url	https://access.redhat.com/errata/RHSA-2023:4494
reference_id	RHSA-2023:4494
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4494

reference_url	https://access.redhat.com/errata/RHSA-2023:4495
reference_id	RHSA-2023:4495
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4495

reference_url	https://access.redhat.com/errata/RHSA-2023:4496
reference_id	RHSA-2023:4496
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4496

reference_url	https://access.redhat.com/errata/RHSA-2023:4497
reference_id	RHSA-2023:4497
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4497

reference_url	https://access.redhat.com/errata/RHSA-2023:4499
reference_id	RHSA-2023:4499
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4499

reference_url	https://access.redhat.com/errata/RHSA-2023:4500
reference_id	RHSA-2023:4500
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4500

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1835582

reference_id

show_bug.cgi?id=1835582

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-25T18:54:00Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1835582

reference_url	https://usn.ubuntu.com/6333-1/
reference_id	USN-6333-1
reference_type
scores
url	https://usn.ubuntu.com/6333-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-3417

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ev38-kcd1-6ycx

url VCID-ezs2-dmsv-1ygm

vulnerability_id VCID-ezs2-dmsv-1ygm

summary When receiving rendering data over IPC `mStream` could have been destroyed when initialized, which could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4573.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4573.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-4573

reference_id

reference_type

scores

value	0.00137
scoring_system	epss
scoring_elements	0.33618
published_at	2026-06-12T12:55:00Z

value	0.00137
scoring_system	epss
scoring_elements	0.33437
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-4573

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4573
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4573

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4574
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4574

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4575
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4575

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4581
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4581

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4584
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4584

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2236071
reference_id	2236071
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2236071

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-34

reference_id

mfsa2023-34

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-34

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-34/

reference_id

mfsa2023-34

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:08:18Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-34/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-35

reference_id

mfsa2023-35

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-35

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-35/

reference_id

mfsa2023-35

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:08:18Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-35/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_id

mfsa2023-36

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_id

mfsa2023-36

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:08:18Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-37

reference_id

mfsa2023-37

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-37

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-37/

reference_id

mfsa2023-37

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:08:18Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-37/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_id

mfsa2023-38

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_id

mfsa2023-38

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:08:18Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_url	https://access.redhat.com/errata/RHSA-2023:4945
reference_id	RHSA-2023:4945
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4945

reference_url	https://access.redhat.com/errata/RHSA-2023:4946
reference_id	RHSA-2023:4946
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4946

reference_url	https://access.redhat.com/errata/RHSA-2023:4947
reference_id	RHSA-2023:4947
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4947

reference_url	https://access.redhat.com/errata/RHSA-2023:4948
reference_id	RHSA-2023:4948
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4948

reference_url	https://access.redhat.com/errata/RHSA-2023:4949
reference_id	RHSA-2023:4949
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4949

reference_url	https://access.redhat.com/errata/RHSA-2023:4950
reference_id	RHSA-2023:4950
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4950

reference_url	https://access.redhat.com/errata/RHSA-2023:4951
reference_id	RHSA-2023:4951
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4951

reference_url	https://access.redhat.com/errata/RHSA-2023:4952
reference_id	RHSA-2023:4952
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4952

reference_url	https://access.redhat.com/errata/RHSA-2023:4954
reference_id	RHSA-2023:4954
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4954

reference_url	https://access.redhat.com/errata/RHSA-2023:4955
reference_id	RHSA-2023:4955
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4955

reference_url	https://access.redhat.com/errata/RHSA-2023:4956
reference_id	RHSA-2023:4956
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4956

reference_url	https://access.redhat.com/errata/RHSA-2023:4957
reference_id	RHSA-2023:4957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4957

reference_url	https://access.redhat.com/errata/RHSA-2023:4958
reference_id	RHSA-2023:4958
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4958

reference_url	https://access.redhat.com/errata/RHSA-2023:4959
reference_id	RHSA-2023:4959
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4959

reference_url	https://access.redhat.com/errata/RHSA-2023:5019
reference_id	RHSA-2023:5019
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5019

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1846687

reference_id

show_bug.cgi?id=1846687

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:08:18Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1846687

reference_url	https://usn.ubuntu.com/6320-1/
reference_id	USN-6320-1
reference_type
scores
url	https://usn.ubuntu.com/6320-1/

reference_url	https://usn.ubuntu.com/6368-1/
reference_id	USN-6368-1
reference_type
scores
url	https://usn.ubuntu.com/6368-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-4573

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ezs2-dmsv-1ygm

url VCID-g2sc-3wte-bqgm

vulnerability_id VCID-g2sc-3wte-bqgm

summary An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-37201.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-37201.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-37201

reference_id

reference_type

scores

value	0.00758
scoring_system	epss
scoring_elements	0.73751
published_at	2026-06-11T12:55:00Z

value	0.00758
scoring_system	epss
scoring_elements	0.73825
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-37201

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37201
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37201

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37202
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37202

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37207
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37207

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37208
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37208

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37211
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37211

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2219747
reference_id	2219747
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2219747

reference_url

reference_id

dsa-5450

reference_type

scores

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-11-21T14:30:36Z/

url

reference_url

reference_id

dsa-5451

reference_type

scores

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-11-21T14:30:36Z/

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-22

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

reference_id

mfsa2023-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-22

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-22/

reference_id

mfsa2023-22

reference_type

scores

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-11-21T14:30:36Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-22/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-23

reference_id

mfsa2023-23

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-23

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-23/

reference_id

mfsa2023-23

reference_type

scores

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-11-21T14:30:36Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-23/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-24

reference_id

mfsa2023-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-24/

reference_id

mfsa2023-24

reference_type

scores

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-11-21T14:30:36Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-24/

reference_url

https://lists.debian.org/debian-lts-announce/2023/07/msg00006.html

reference_id

msg00006.html

reference_type

scores

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-11-21T14:30:36Z/

url

https://lists.debian.org/debian-lts-announce/2023/07/msg00006.html

reference_url

https://lists.debian.org/debian-lts-announce/2023/07/msg00015.html

reference_id

msg00015.html

reference_type

scores

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-11-21T14:30:36Z/

url

https://lists.debian.org/debian-lts-announce/2023/07/msg00015.html

reference_url	https://access.redhat.com/errata/RHSA-2023:4062
reference_id	RHSA-2023:4062
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4062

reference_url	https://access.redhat.com/errata/RHSA-2023:4063
reference_id	RHSA-2023:4063
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4063

reference_url	https://access.redhat.com/errata/RHSA-2023:4064
reference_id	RHSA-2023:4064
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4064

reference_url	https://access.redhat.com/errata/RHSA-2023:4065
reference_id	RHSA-2023:4065
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4065

reference_url	https://access.redhat.com/errata/RHSA-2023:4066
reference_id	RHSA-2023:4066
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4066

reference_url	https://access.redhat.com/errata/RHSA-2023:4067
reference_id	RHSA-2023:4067
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4067

reference_url	https://access.redhat.com/errata/RHSA-2023:4068
reference_id	RHSA-2023:4068
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4068

reference_url	https://access.redhat.com/errata/RHSA-2023:4069
reference_id	RHSA-2023:4069
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4069

reference_url	https://access.redhat.com/errata/RHSA-2023:4070
reference_id	RHSA-2023:4070
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4070

reference_url	https://access.redhat.com/errata/RHSA-2023:4071
reference_id	RHSA-2023:4071
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4071

reference_url	https://access.redhat.com/errata/RHSA-2023:4072
reference_id	RHSA-2023:4072
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4072

reference_url	https://access.redhat.com/errata/RHSA-2023:4073
reference_id	RHSA-2023:4073
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4073

reference_url	https://access.redhat.com/errata/RHSA-2023:4074
reference_id	RHSA-2023:4074
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4074

reference_url	https://access.redhat.com/errata/RHSA-2023:4075
reference_id	RHSA-2023:4075
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4075

reference_url	https://access.redhat.com/errata/RHSA-2023:4076
reference_id	RHSA-2023:4076
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4076

reference_url	https://access.redhat.com/errata/RHSA-2023:4079
reference_id	RHSA-2023:4079
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4079

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1826002

reference_id

show_bug.cgi?id=1826002

reference_type

scores

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-11-21T14:30:36Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1826002

reference_url	https://usn.ubuntu.com/6201-1/
reference_id	USN-6201-1
reference_type
scores
url	https://usn.ubuntu.com/6201-1/

reference_url	https://usn.ubuntu.com/6214-1/
reference_id	USN-6214-1
reference_type
scores
url	https://usn.ubuntu.com/6214-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-37201

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g2sc-3wte-bqgm

url VCID-gavm-ev8z-bfhr

vulnerability_id VCID-gavm-ev8z-bfhr

summary A Linux user opening the print preview dialog could have caused the browser to crash. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0746.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0746.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-0746

reference_id

reference_type

scores

value	0.00411
scoring_system	epss
scoring_elements	0.6192
published_at	2026-06-12T12:55:00Z

value	0.00411
scoring_system	epss
scoring_elements	0.6182
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-0746

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0741
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0741

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0742
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0742

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0746
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0746

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0747
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0747

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0749
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0749

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0750
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0750

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0751
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0751

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0753
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0753

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0755
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0755

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2259928
reference_id	2259928
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2259928

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url	https://security.gentoo.org/glsa/202402-26
reference_id	GLSA-202402-26
reference_type
scores
url	https://security.gentoo.org/glsa/202402-26

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-01

reference_id

mfsa2024-01

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-01

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-01/

reference_id

mfsa2024-01

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-23T18:33:56Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-01/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-02

reference_id

mfsa2024-02

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-02

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-02/

reference_id

mfsa2024-02

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-23T18:33:56Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-02/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-04

reference_id

mfsa2024-04

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-04

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-04/

reference_id

mfsa2024-04

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-23T18:33:56Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-04/

reference_url

https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html

reference_id

msg00015.html

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-23T18:33:56Z/

url

https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html

reference_id

msg00022.html

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-23T18:33:56Z/

url

https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html

reference_url	https://access.redhat.com/errata/RHSA-2024:0559
reference_id	RHSA-2024:0559
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0559

reference_url	https://access.redhat.com/errata/RHSA-2024:0565
reference_id	RHSA-2024:0565
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0565

reference_url	https://access.redhat.com/errata/RHSA-2024:0596
reference_id	RHSA-2024:0596
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0596

reference_url	https://access.redhat.com/errata/RHSA-2024:0598
reference_id	RHSA-2024:0598
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0598

reference_url	https://access.redhat.com/errata/RHSA-2024:0600
reference_id	RHSA-2024:0600
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0600

reference_url	https://access.redhat.com/errata/RHSA-2024:0601
reference_id	RHSA-2024:0601
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0601

reference_url	https://access.redhat.com/errata/RHSA-2024:0602
reference_id	RHSA-2024:0602
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0602

reference_url	https://access.redhat.com/errata/RHSA-2024:0603
reference_id	RHSA-2024:0603
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0603

reference_url	https://access.redhat.com/errata/RHSA-2024:0604
reference_id	RHSA-2024:0604
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0604

reference_url	https://access.redhat.com/errata/RHSA-2024:0605
reference_id	RHSA-2024:0605
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0605

reference_url	https://access.redhat.com/errata/RHSA-2024:0608
reference_id	RHSA-2024:0608
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0608

reference_url	https://access.redhat.com/errata/RHSA-2024:0609
reference_id	RHSA-2024:0609
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0609

reference_url	https://access.redhat.com/errata/RHSA-2024:0615
reference_id	RHSA-2024:0615
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0615

reference_url	https://access.redhat.com/errata/RHSA-2024:0616
reference_id	RHSA-2024:0616
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0616

reference_url	https://access.redhat.com/errata/RHSA-2024:0618
reference_id	RHSA-2024:0618
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0618

reference_url	https://access.redhat.com/errata/RHSA-2024:0619
reference_id	RHSA-2024:0619
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0619

reference_url	https://access.redhat.com/errata/RHSA-2024:0622
reference_id	RHSA-2024:0622
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0622

reference_url	https://access.redhat.com/errata/RHSA-2024:0623
reference_id	RHSA-2024:0623
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0623

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1660223

reference_id

show_bug.cgi?id=1660223

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-23T18:33:56Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1660223

reference_url	https://usn.ubuntu.com/6610-1/
reference_id	USN-6610-1
reference_type
scores
url	https://usn.ubuntu.com/6610-1/

reference_url	https://usn.ubuntu.com/6669-1/
reference_id	USN-6669-1
reference_type
scores
url	https://usn.ubuntu.com/6669-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2024-0746

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gavm-ev8z-bfhr

url VCID-h6nv-ygrv-kyen

vulnerability_id VCID-h6nv-ygrv-kyen

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4045.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4045.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-4045

reference_id

reference_type

scores

value	0.00251
scoring_system	epss
scoring_elements	0.48729
published_at	2026-06-11T12:55:00Z

value	0.00251
scoring_system	epss
scoring_elements	0.48866
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-4045

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4045
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4045

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4046
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4046

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4047
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4047

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4048
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4048

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4049
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4049

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4050
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4050

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4055
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4055

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4056
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4056

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2228360
reference_id	2228360
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2228360

reference_url

reference_id

dsa-5464

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T15:29:47Z/

url

reference_url

reference_id

dsa-5469

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T15:29:47Z/

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-29

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

reference_id

mfsa2023-29

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-29

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-29/

reference_id

mfsa2023-29

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T15:29:47Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-29/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-30

reference_id

mfsa2023-30

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-30

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-30/

reference_id

mfsa2023-30

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T15:29:47Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-30/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-31

reference_id

mfsa2023-31

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-31

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-31/

reference_id

mfsa2023-31

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T15:29:47Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-31/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-32

reference_id

mfsa2023-32

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-32

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-33

reference_id

mfsa2023-33

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-33

reference_url

https://lists.debian.org/debian-lts-announce/2023/08/msg00008.html

reference_id

msg00008.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T15:29:47Z/

url

https://lists.debian.org/debian-lts-announce/2023/08/msg00008.html

reference_url

https://lists.debian.org/debian-lts-announce/2023/08/msg00010.html

reference_id

msg00010.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T15:29:47Z/

url

https://lists.debian.org/debian-lts-announce/2023/08/msg00010.html

reference_url	https://access.redhat.com/errata/RHSA-2023:4460
reference_id	RHSA-2023:4460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4460

reference_url	https://access.redhat.com/errata/RHSA-2023:4461
reference_id	RHSA-2023:4461
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4461

reference_url	https://access.redhat.com/errata/RHSA-2023:4462
reference_id	RHSA-2023:4462
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4462

reference_url	https://access.redhat.com/errata/RHSA-2023:4463
reference_id	RHSA-2023:4463
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4463

reference_url	https://access.redhat.com/errata/RHSA-2023:4464
reference_id	RHSA-2023:4464
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4464

reference_url	https://access.redhat.com/errata/RHSA-2023:4465
reference_id	RHSA-2023:4465
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4465

reference_url	https://access.redhat.com/errata/RHSA-2023:4468
reference_id	RHSA-2023:4468
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4468

reference_url	https://access.redhat.com/errata/RHSA-2023:4469
reference_id	RHSA-2023:4469
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4469

reference_url	https://access.redhat.com/errata/RHSA-2023:4492
reference_id	RHSA-2023:4492
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4492

reference_url	https://access.redhat.com/errata/RHSA-2023:4493
reference_id	RHSA-2023:4493
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4493

reference_url	https://access.redhat.com/errata/RHSA-2023:4494
reference_id	RHSA-2023:4494
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4494

reference_url	https://access.redhat.com/errata/RHSA-2023:4495
reference_id	RHSA-2023:4495
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4495

reference_url	https://access.redhat.com/errata/RHSA-2023:4496
reference_id	RHSA-2023:4496
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4496

reference_url	https://access.redhat.com/errata/RHSA-2023:4497
reference_id	RHSA-2023:4497
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4497

reference_url	https://access.redhat.com/errata/RHSA-2023:4499
reference_id	RHSA-2023:4499
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4499

reference_url	https://access.redhat.com/errata/RHSA-2023:4500
reference_id	RHSA-2023:4500
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4500

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1833876

reference_id

show_bug.cgi?id=1833876

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T15:29:47Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1833876

reference_url	https://usn.ubuntu.com/6267-1/
reference_id	USN-6267-1
reference_type
scores
url	https://usn.ubuntu.com/6267-1/

reference_url	https://usn.ubuntu.com/6333-1/
reference_id	USN-6333-1
reference_type
scores
url	https://usn.ubuntu.com/6333-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-4045

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h6nv-ygrv-kyen

url VCID-jcek-pgfg-g3b2

vulnerability_id VCID-jcek-pgfg-g3b2

summary

The Firefox updater created a directory writable by non-privileged users. When uninstalling Firefox, any files in that directory would be recursively deleted with the permissions of the uninstalling user account. This could be combined with creation of a junction (a form of symbolic link) to allow arbitrary file deletion controlled by the non-privileged user. 
*This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 116, Firefox ESR < 115.1, and Thunderbird < 115.1.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4052.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4052.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-4052

reference_id

reference_type

scores

value	0.00191
scoring_system	epss
scoring_elements	0.41008
published_at	2026-06-12T12:55:00Z

value	0.00191
scoring_system	epss
scoring_elements	0.40841
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-4052

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2228369
reference_id	2228369
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2228369

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-29

reference_id

mfsa2023-29

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-29

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-29/

reference_id

mfsa2023-29

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:38:55Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-29/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-31

reference_id

mfsa2023-31

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-31

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-31/

reference_id

mfsa2023-31

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:38:55Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-31/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-33

reference_id

mfsa2023-33

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-33

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-33/

reference_id

mfsa2023-33

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:38:55Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-33/

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1824420

reference_id

show_bug.cgi?id=1824420

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:38:55Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1824420

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-4052

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jcek-pgfg-g3b2

url VCID-k7md-ezhm-c7hv

vulnerability_id VCID-k7md-ezhm-c7hv

summary Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6861.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6861.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-6861

reference_id

reference_type

scores

value	0.00499
scoring_system	epss
scoring_elements	0.6639
published_at	2026-06-11T12:55:00Z

value	0.00499
scoring_system	epss
scoring_elements	0.66483
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-6861

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50761
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50761

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50762
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50762

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6856
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6856

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6857
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6857

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6858
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6858

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6859
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6859

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6860
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6860

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6861
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6861

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6862
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6862

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6863
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6863

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6864
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6864

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6865
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6865

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6867
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6867

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6873
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6873

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2255367
reference_id	2255367
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2255367

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-54

reference_id

mfsa2023-54

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-54

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-55

reference_id

mfsa2023-55

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-55

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-56

reference_id

mfsa2023-56

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-56

reference_url	https://access.redhat.com/errata/RHSA-2024:0001
reference_id	RHSA-2024:0001
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0001

reference_url	https://access.redhat.com/errata/RHSA-2024:0002
reference_id	RHSA-2024:0002
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0002

reference_url	https://access.redhat.com/errata/RHSA-2024:0003
reference_id	RHSA-2024:0003
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0003

reference_url	https://access.redhat.com/errata/RHSA-2024:0004
reference_id	RHSA-2024:0004
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0004

reference_url	https://access.redhat.com/errata/RHSA-2024:0005
reference_id	RHSA-2024:0005
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0005

reference_url	https://access.redhat.com/errata/RHSA-2024:0011
reference_id	RHSA-2024:0011
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0011

reference_url	https://access.redhat.com/errata/RHSA-2024:0012
reference_id	RHSA-2024:0012
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0012

reference_url	https://access.redhat.com/errata/RHSA-2024:0019
reference_id	RHSA-2024:0019
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0019

reference_url	https://access.redhat.com/errata/RHSA-2024:0021
reference_id	RHSA-2024:0021
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0021

reference_url	https://access.redhat.com/errata/RHSA-2024:0022
reference_id	RHSA-2024:0022
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0022

reference_url	https://access.redhat.com/errata/RHSA-2024:0023
reference_id	RHSA-2024:0023
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0023

reference_url	https://access.redhat.com/errata/RHSA-2024:0024
reference_id	RHSA-2024:0024
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0024

reference_url	https://access.redhat.com/errata/RHSA-2024:0025
reference_id	RHSA-2024:0025
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0025

reference_url	https://access.redhat.com/errata/RHSA-2024:0026
reference_id	RHSA-2024:0026
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0026

reference_url	https://access.redhat.com/errata/RHSA-2024:0027
reference_id	RHSA-2024:0027
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0027

reference_url	https://access.redhat.com/errata/RHSA-2024:0028
reference_id	RHSA-2024:0028
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0028

reference_url	https://access.redhat.com/errata/RHSA-2024:0029
reference_id	RHSA-2024:0029
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0029

reference_url	https://access.redhat.com/errata/RHSA-2024:0030
reference_id	RHSA-2024:0030
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0030

reference_url	https://usn.ubuntu.com/6562-1/
reference_id	USN-6562-1
reference_type
scores
url	https://usn.ubuntu.com/6562-1/

reference_url	https://usn.ubuntu.com/6563-1/
reference_id	USN-6563-1
reference_type
scores
url	https://usn.ubuntu.com/6563-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-6861

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k7md-ezhm-c7hv

url VCID-kc2c-tznm-wffb

vulnerability_id VCID-kc2c-tznm-wffb

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5732.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5732.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-5732

reference_id

reference_type

scores

value	0.00289
scoring_system	epss
scoring_elements	0.52739
published_at	2026-06-11T12:55:00Z

value	0.00289
scoring_system	epss
scoring_elements	0.52868
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-5732

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5721
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5721

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5724
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5724

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5725
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5725

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5728
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5728

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5730
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5730

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5732
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5732

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2245898
reference_id	2245898
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2245898

reference_url

reference_id

dsa-5535

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:24:34Z/

url

reference_url

reference_id

dsa-5538

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:24:34Z/

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-34

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

reference_id

mfsa2023-34

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-34

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-34/

reference_id

mfsa2023-34

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:24:34Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-34/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-46

reference_id

mfsa2023-46

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-46

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-46/

reference_id

mfsa2023-46

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:24:34Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-46/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-47

reference_id

mfsa2023-47

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-47

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-47/

reference_id

mfsa2023-47

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:24:34Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-47/

reference_url

https://lists.debian.org/debian-lts-announce/2023/10/msg00037.html

reference_id

msg00037.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:24:34Z/

url

https://lists.debian.org/debian-lts-announce/2023/10/msg00037.html

reference_url

https://lists.debian.org/debian-lts-announce/2023/10/msg00042.html

reference_id

msg00042.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:24:34Z/

url

https://lists.debian.org/debian-lts-announce/2023/10/msg00042.html

reference_url	https://access.redhat.com/errata/RHSA-2023:6162
reference_id	RHSA-2023:6162
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6162

reference_url	https://access.redhat.com/errata/RHSA-2023:6185
reference_id	RHSA-2023:6185
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6185

reference_url	https://access.redhat.com/errata/RHSA-2023:6186
reference_id	RHSA-2023:6186
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6186

reference_url	https://access.redhat.com/errata/RHSA-2023:6187
reference_id	RHSA-2023:6187
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6187

reference_url	https://access.redhat.com/errata/RHSA-2023:6188
reference_id	RHSA-2023:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6188

reference_url	https://access.redhat.com/errata/RHSA-2023:6189
reference_id	RHSA-2023:6189
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6189

reference_url	https://access.redhat.com/errata/RHSA-2023:6191
reference_id	RHSA-2023:6191
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6191

reference_url	https://access.redhat.com/errata/RHSA-2023:6194
reference_id	RHSA-2023:6194
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6194

reference_url	https://access.redhat.com/errata/RHSA-2023:6195
reference_id	RHSA-2023:6195
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6195

reference_url	https://access.redhat.com/errata/RHSA-2023:6196
reference_id	RHSA-2023:6196
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6196

reference_url	https://access.redhat.com/errata/RHSA-2023:6197
reference_id	RHSA-2023:6197
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6197

reference_url	https://access.redhat.com/errata/RHSA-2023:6198
reference_id	RHSA-2023:6198
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6198

reference_url	https://access.redhat.com/errata/RHSA-2023:6199
reference_id	RHSA-2023:6199
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6199

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1690979

reference_id

show_bug.cgi?id=1690979

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:24:34Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1690979

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1836962

reference_id

show_bug.cgi?id=1836962

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:24:34Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1836962

reference_url	https://usn.ubuntu.com/6468-1/
reference_id	USN-6468-1
reference_type
scores
url	https://usn.ubuntu.com/6468-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-5732

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kc2c-tznm-wffb

url VCID-kfbc-sdkf-jfgx

vulnerability_id VCID-kfbc-sdkf-jfgx

summary When calling `JS::CheckRegExpSyntax` a Syntax Error could have been set which would end in calling `convertToRuntimeErrorAndClear`. A path in the function could attempt to allocate memory when none is available which would have caused a newly created Out of Memory exception to be mishandled as a Syntax Error. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4578.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4578.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-4578

reference_id

reference_type

scores

value	0.0011
scoring_system	epss
scoring_elements	0.29085
published_at	2026-06-12T12:55:00Z

value	0.0011
scoring_system	epss
scoring_elements	0.28883
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-4578

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2236077
reference_id	2236077
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2236077

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-34

reference_id

mfsa2023-34

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-34

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-34/

reference_id

mfsa2023-34

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:02:09Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-34/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_id

mfsa2023-36

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_id

mfsa2023-36

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:02:09Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_id

mfsa2023-38

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_id

mfsa2023-38

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:02:09Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_url	https://access.redhat.com/errata/RHSA-2023:4945
reference_id	RHSA-2023:4945
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4945

reference_url	https://access.redhat.com/errata/RHSA-2023:4946
reference_id	RHSA-2023:4946
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4946

reference_url	https://access.redhat.com/errata/RHSA-2023:4947
reference_id	RHSA-2023:4947
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4947

reference_url	https://access.redhat.com/errata/RHSA-2023:4948
reference_id	RHSA-2023:4948
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4948

reference_url	https://access.redhat.com/errata/RHSA-2023:4949
reference_id	RHSA-2023:4949
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4949

reference_url	https://access.redhat.com/errata/RHSA-2023:4950
reference_id	RHSA-2023:4950
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4950

reference_url	https://access.redhat.com/errata/RHSA-2023:4951
reference_id	RHSA-2023:4951
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4951

reference_url	https://access.redhat.com/errata/RHSA-2023:4952
reference_id	RHSA-2023:4952
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4952

reference_url	https://access.redhat.com/errata/RHSA-2023:4954
reference_id	RHSA-2023:4954
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4954

reference_url	https://access.redhat.com/errata/RHSA-2023:4955
reference_id	RHSA-2023:4955
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4955

reference_url	https://access.redhat.com/errata/RHSA-2023:4956
reference_id	RHSA-2023:4956
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4956

reference_url	https://access.redhat.com/errata/RHSA-2023:4957
reference_id	RHSA-2023:4957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4957

reference_url	https://access.redhat.com/errata/RHSA-2023:4958
reference_id	RHSA-2023:4958
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4958

reference_url	https://access.redhat.com/errata/RHSA-2023:4959
reference_id	RHSA-2023:4959
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4959

reference_url	https://access.redhat.com/errata/RHSA-2023:5019
reference_id	RHSA-2023:5019
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5019

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1839007

reference_id

show_bug.cgi?id=1839007

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T20:02:09Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1839007

reference_url	https://usn.ubuntu.com/6320-1/
reference_id	USN-6320-1
reference_type
scores
url	https://usn.ubuntu.com/6320-1/

reference_url	https://usn.ubuntu.com/6405-1/
reference_id	USN-6405-1
reference_type
scores
url	https://usn.ubuntu.com/6405-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-4578

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kfbc-sdkf-jfgx

url VCID-km5q-hvb6-huct

vulnerability_id VCID-km5q-hvb6-huct

summary Memory safety bugs present in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5176.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5176.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-5176

reference_id

reference_type

scores

value	0.00704
scoring_system	epss
scoring_elements	0.72635
published_at	2026-06-12T12:55:00Z

value	0.00704
scoring_system	epss
scoring_elements	0.72557
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-5176

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5169
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5169

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5171
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5171

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5176
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5176

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5217
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5217

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2240896
reference_id	2240896
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2240896

reference_url

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1836353%2C1842674%2C1843824%2C1843962%2C1848890%2C1850180%2C1850983%2C1851195

reference_id

buglist.cgi?bug_id=1836353%2C1842674%2C1843824%2C1843962%2C1848890%2C1850180%2C1850983%2C1851195

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:06Z/

url

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1836353%2C1842674%2C1843824%2C1843962%2C1848890%2C1850180%2C1850983%2C1851195

reference_url

reference_id

dsa-5506

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:06Z/

url

reference_url

reference_id

dsa-5513

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:06Z/

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-41

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

reference_id

mfsa2023-41

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-41

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-41/

reference_id

mfsa2023-41

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:06Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-41/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-42

reference_id

mfsa2023-42

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-42

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-42/

reference_id

mfsa2023-42

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:06Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-42/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-43

reference_id

mfsa2023-43

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-43

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-43/

reference_id

mfsa2023-43

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:06Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-43/

reference_url

https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html

reference_id

msg00015.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:06Z/

url

https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html

reference_url

https://lists.debian.org/debian-lts-announce/2023/09/msg00034.html

reference_id

msg00034.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:06Z/

url

https://lists.debian.org/debian-lts-announce/2023/09/msg00034.html

reference_url	https://access.redhat.com/errata/RHSA-2023:5426
reference_id	RHSA-2023:5426
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5426

reference_url	https://access.redhat.com/errata/RHSA-2023:5427
reference_id	RHSA-2023:5427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5427

reference_url	https://access.redhat.com/errata/RHSA-2023:5428
reference_id	RHSA-2023:5428
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5428

reference_url	https://access.redhat.com/errata/RHSA-2023:5429
reference_id	RHSA-2023:5429
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5429

reference_url	https://access.redhat.com/errata/RHSA-2023:5430
reference_id	RHSA-2023:5430
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5430

reference_url	https://access.redhat.com/errata/RHSA-2023:5432
reference_id	RHSA-2023:5432
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5432

reference_url	https://access.redhat.com/errata/RHSA-2023:5433
reference_id	RHSA-2023:5433
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5433

reference_url	https://access.redhat.com/errata/RHSA-2023:5434
reference_id	RHSA-2023:5434
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5434

reference_url	https://access.redhat.com/errata/RHSA-2023:5435
reference_id	RHSA-2023:5435
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5435

reference_url	https://access.redhat.com/errata/RHSA-2023:5436
reference_id	RHSA-2023:5436
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5436

reference_url	https://access.redhat.com/errata/RHSA-2023:5437
reference_id	RHSA-2023:5437
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5437

reference_url	https://access.redhat.com/errata/RHSA-2023:5438
reference_id	RHSA-2023:5438
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5438

reference_url	https://access.redhat.com/errata/RHSA-2023:5439
reference_id	RHSA-2023:5439
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5439

reference_url	https://access.redhat.com/errata/RHSA-2023:5440
reference_id	RHSA-2023:5440
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5440

reference_url	https://access.redhat.com/errata/RHSA-2023:5475
reference_id	RHSA-2023:5475
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5475

reference_url	https://access.redhat.com/errata/RHSA-2023:5477
reference_id	RHSA-2023:5477
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5477

reference_url	https://usn.ubuntu.com/6404-1/
reference_id	USN-6404-1
reference_type
scores
url	https://usn.ubuntu.com/6404-1/

reference_url	https://usn.ubuntu.com/6405-1/
reference_id	USN-6405-1
reference_type
scores
url	https://usn.ubuntu.com/6405-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-5176

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-km5q-hvb6-huct

url VCID-kptt-wx11-6fem

vulnerability_id VCID-kptt-wx11-6fem

summary When a parent page loaded a child in an iframe with `unsafe-inline`, the parent Content Security Policy could have overridden the child Content Security Policy. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0747.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0747.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-0747

reference_id

reference_type

scores

value	0.00462
scoring_system	epss
scoring_elements	0.64624
published_at	2026-06-11T12:55:00Z

value	0.00462
scoring_system	epss
scoring_elements	0.64727
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-0747

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0741
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0741

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0742
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0742

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0746
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0746

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0747
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0747

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0749
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0749

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0750
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0750

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0751
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0751

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0753
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0753

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0755
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0755

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2259929
reference_id	2259929
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2259929

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url	https://security.gentoo.org/glsa/202402-26
reference_id	GLSA-202402-26
reference_type
scores
url	https://security.gentoo.org/glsa/202402-26

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-01

reference_id

mfsa2024-01

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-01

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-01/

reference_id

mfsa2024-01

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-23T20:11:17Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-01/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-02

reference_id

mfsa2024-02

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-02

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-02/

reference_id

mfsa2024-02

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-23T20:11:17Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-02/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-04

reference_id

mfsa2024-04

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2024-04

reference_url

https://www.mozilla.org/security/advisories/mfsa2024-04/

reference_id

mfsa2024-04

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-23T20:11:17Z/

url

https://www.mozilla.org/security/advisories/mfsa2024-04/

reference_url

https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html

reference_id

msg00015.html

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-23T20:11:17Z/

url

https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html

reference_id

msg00022.html

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-23T20:11:17Z/

url

https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html

reference_url	https://access.redhat.com/errata/RHSA-2024:0559
reference_id	RHSA-2024:0559
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0559

reference_url	https://access.redhat.com/errata/RHSA-2024:0565
reference_id	RHSA-2024:0565
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0565

reference_url	https://access.redhat.com/errata/RHSA-2024:0596
reference_id	RHSA-2024:0596
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0596

reference_url	https://access.redhat.com/errata/RHSA-2024:0598
reference_id	RHSA-2024:0598
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0598

reference_url	https://access.redhat.com/errata/RHSA-2024:0600
reference_id	RHSA-2024:0600
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0600

reference_url	https://access.redhat.com/errata/RHSA-2024:0601
reference_id	RHSA-2024:0601
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0601

reference_url	https://access.redhat.com/errata/RHSA-2024:0602
reference_id	RHSA-2024:0602
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0602

reference_url	https://access.redhat.com/errata/RHSA-2024:0603
reference_id	RHSA-2024:0603
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0603

reference_url	https://access.redhat.com/errata/RHSA-2024:0604
reference_id	RHSA-2024:0604
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0604

reference_url	https://access.redhat.com/errata/RHSA-2024:0605
reference_id	RHSA-2024:0605
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0605

reference_url	https://access.redhat.com/errata/RHSA-2024:0608
reference_id	RHSA-2024:0608
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0608

reference_url	https://access.redhat.com/errata/RHSA-2024:0609
reference_id	RHSA-2024:0609
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0609

reference_url	https://access.redhat.com/errata/RHSA-2024:0615
reference_id	RHSA-2024:0615
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0615

reference_url	https://access.redhat.com/errata/RHSA-2024:0616
reference_id	RHSA-2024:0616
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0616

reference_url	https://access.redhat.com/errata/RHSA-2024:0618
reference_id	RHSA-2024:0618
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0618

reference_url	https://access.redhat.com/errata/RHSA-2024:0619
reference_id	RHSA-2024:0619
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0619

reference_url	https://access.redhat.com/errata/RHSA-2024:0622
reference_id	RHSA-2024:0622
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0622

reference_url	https://access.redhat.com/errata/RHSA-2024:0623
reference_id	RHSA-2024:0623
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0623

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1764343

reference_id

show_bug.cgi?id=1764343

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-23T20:11:17Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1764343

reference_url	https://usn.ubuntu.com/6610-1/
reference_id	USN-6610-1
reference_type
scores
url	https://usn.ubuntu.com/6610-1/

reference_url	https://usn.ubuntu.com/6669-1/
reference_id	USN-6669-1
reference_type
scores
url	https://usn.ubuntu.com/6669-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2024-0747

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kptt-wx11-6fem

url VCID-mpdb-gsfy-43dr

vulnerability_id VCID-mpdb-gsfy-43dr

summary A website could have obscured the fullscreen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-37207.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-37207.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-37207

reference_id

reference_type

scores

value	0.00417
scoring_system	epss
scoring_elements	0.62207
published_at	2026-06-11T12:55:00Z

value	0.00417
scoring_system	epss
scoring_elements	0.62309
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-37207

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37201
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37201

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37202
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37202

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37207
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37207

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37208
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37208

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37211
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37211

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2219749
reference_id	2219749
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2219749

reference_url

reference_id

dsa-5450

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T21:36:31Z/

url

reference_url

reference_id

dsa-5451

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T21:36:31Z/

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-22

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

reference_id

mfsa2023-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-22

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-22/

reference_id

mfsa2023-22

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T21:36:31Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-22/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-23

reference_id

mfsa2023-23

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-23

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-23/

reference_id

mfsa2023-23

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T21:36:31Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-23/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-24

reference_id

mfsa2023-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-24/

reference_id

mfsa2023-24

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T21:36:31Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-24/

reference_url

https://lists.debian.org/debian-lts-announce/2023/07/msg00006.html

reference_id

msg00006.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T21:36:31Z/

url

https://lists.debian.org/debian-lts-announce/2023/07/msg00006.html

reference_url

https://lists.debian.org/debian-lts-announce/2023/07/msg00015.html

reference_id

msg00015.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T21:36:31Z/

url

https://lists.debian.org/debian-lts-announce/2023/07/msg00015.html

reference_url	https://access.redhat.com/errata/RHSA-2023:4062
reference_id	RHSA-2023:4062
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4062

reference_url	https://access.redhat.com/errata/RHSA-2023:4063
reference_id	RHSA-2023:4063
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4063

reference_url	https://access.redhat.com/errata/RHSA-2023:4064
reference_id	RHSA-2023:4064
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4064

reference_url	https://access.redhat.com/errata/RHSA-2023:4065
reference_id	RHSA-2023:4065
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4065

reference_url	https://access.redhat.com/errata/RHSA-2023:4066
reference_id	RHSA-2023:4066
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4066

reference_url	https://access.redhat.com/errata/RHSA-2023:4067
reference_id	RHSA-2023:4067
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4067

reference_url	https://access.redhat.com/errata/RHSA-2023:4068
reference_id	RHSA-2023:4068
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4068

reference_url	https://access.redhat.com/errata/RHSA-2023:4069
reference_id	RHSA-2023:4069
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4069

reference_url	https://access.redhat.com/errata/RHSA-2023:4070
reference_id	RHSA-2023:4070
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4070

reference_url	https://access.redhat.com/errata/RHSA-2023:4071
reference_id	RHSA-2023:4071
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4071

reference_url	https://access.redhat.com/errata/RHSA-2023:4072
reference_id	RHSA-2023:4072
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4072

reference_url	https://access.redhat.com/errata/RHSA-2023:4073
reference_id	RHSA-2023:4073
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4073

reference_url	https://access.redhat.com/errata/RHSA-2023:4074
reference_id	RHSA-2023:4074
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4074

reference_url	https://access.redhat.com/errata/RHSA-2023:4075
reference_id	RHSA-2023:4075
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4075

reference_url	https://access.redhat.com/errata/RHSA-2023:4076
reference_id	RHSA-2023:4076
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4076

reference_url	https://access.redhat.com/errata/RHSA-2023:4079
reference_id	RHSA-2023:4079
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4079

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1816287

reference_id

show_bug.cgi?id=1816287

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-20T21:36:31Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1816287

reference_url	https://usn.ubuntu.com/6201-1/
reference_id	USN-6201-1
reference_type
scores
url	https://usn.ubuntu.com/6201-1/

reference_url	https://usn.ubuntu.com/6214-1/
reference_id	USN-6214-1
reference_type
scores
url	https://usn.ubuntu.com/6214-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-37207

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mpdb-gsfy-43dr

url VCID-nppc-1va3-fbc3

vulnerability_id VCID-nppc-1va3-fbc3

summary Race conditions in reference counting code were found through code inspection. These could have resulted in potentially exploitable use-after-free vulnerabilities. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4049.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4049.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-4049

reference_id

reference_type

scores

value	0.00229
scoring_system	epss
scoring_elements	0.45961
published_at	2026-06-12T12:55:00Z

value	0.00229
scoring_system	epss
scoring_elements	0.45816
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-4049

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4045
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4045

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4046
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4046

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4047
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4047

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4048
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4048

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4049
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4049

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4050
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4050

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4055
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4055

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4056
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4056

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2228364
reference_id	2228364
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2228364

reference_url

reference_id

dsa-5464

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T15:10:50Z/

url

reference_url

reference_id

dsa-5469

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T15:10:50Z/

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-29

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

reference_id

mfsa2023-29

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-29

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-29/

reference_id

mfsa2023-29

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T15:10:50Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-29/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-30

reference_id

mfsa2023-30

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-30

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-30/

reference_id

mfsa2023-30

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T15:10:50Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-30/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-31

reference_id

mfsa2023-31

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-31

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-31/

reference_id

mfsa2023-31

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T15:10:50Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-31/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-32

reference_id

mfsa2023-32

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-32

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-33

reference_id

mfsa2023-33

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-33

reference_url

https://lists.debian.org/debian-lts-announce/2023/08/msg00008.html

reference_id

msg00008.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T15:10:50Z/

url

https://lists.debian.org/debian-lts-announce/2023/08/msg00008.html

reference_url

https://lists.debian.org/debian-lts-announce/2023/08/msg00010.html

reference_id

msg00010.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T15:10:50Z/

url

https://lists.debian.org/debian-lts-announce/2023/08/msg00010.html

reference_url	https://access.redhat.com/errata/RHSA-2023:4460
reference_id	RHSA-2023:4460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4460

reference_url	https://access.redhat.com/errata/RHSA-2023:4461
reference_id	RHSA-2023:4461
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4461

reference_url	https://access.redhat.com/errata/RHSA-2023:4462
reference_id	RHSA-2023:4462
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4462

reference_url	https://access.redhat.com/errata/RHSA-2023:4463
reference_id	RHSA-2023:4463
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4463

reference_url	https://access.redhat.com/errata/RHSA-2023:4464
reference_id	RHSA-2023:4464
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4464

reference_url	https://access.redhat.com/errata/RHSA-2023:4465
reference_id	RHSA-2023:4465
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4465

reference_url	https://access.redhat.com/errata/RHSA-2023:4468
reference_id	RHSA-2023:4468
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4468

reference_url	https://access.redhat.com/errata/RHSA-2023:4469
reference_id	RHSA-2023:4469
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4469

reference_url	https://access.redhat.com/errata/RHSA-2023:4492
reference_id	RHSA-2023:4492
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4492

reference_url	https://access.redhat.com/errata/RHSA-2023:4493
reference_id	RHSA-2023:4493
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4493

reference_url	https://access.redhat.com/errata/RHSA-2023:4494
reference_id	RHSA-2023:4494
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4494

reference_url	https://access.redhat.com/errata/RHSA-2023:4495
reference_id	RHSA-2023:4495
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4495

reference_url	https://access.redhat.com/errata/RHSA-2023:4496
reference_id	RHSA-2023:4496
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4496

reference_url	https://access.redhat.com/errata/RHSA-2023:4497
reference_id	RHSA-2023:4497
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4497

reference_url	https://access.redhat.com/errata/RHSA-2023:4499
reference_id	RHSA-2023:4499
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4499

reference_url	https://access.redhat.com/errata/RHSA-2023:4500
reference_id	RHSA-2023:4500
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4500

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1842658

reference_id

show_bug.cgi?id=1842658

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T15:10:50Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1842658

reference_url	https://usn.ubuntu.com/6267-1/
reference_id	USN-6267-1
reference_type
scores
url	https://usn.ubuntu.com/6267-1/

reference_url	https://usn.ubuntu.com/6333-1/
reference_id	USN-6333-1
reference_type
scores
url	https://usn.ubuntu.com/6333-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-4049

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nppc-1va3-fbc3

url VCID-nqhf-g3y1-6kag

vulnerability_id VCID-nqhf-g3y1-6kag

summary When checking if the Browsing Context had been discarded in `HttpBaseChannel`, if the load group was not available then it was assumed to have already been discarded which was not always the case for private channels after the private session had ended. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4583.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4583.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-4583

reference_id

reference_type

scores

value	0.00146
scoring_system	epss
scoring_elements	0.34748
published_at	2026-06-11T12:55:00Z

value	0.00146
scoring_system	epss
scoring_elements	0.34926
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-4583

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2236082
reference_id	2236082
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2236082

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-34

reference_id

mfsa2023-34

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-34

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-34/

reference_id

mfsa2023-34

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-19T19:09:13Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-34/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_id

mfsa2023-36

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_id

mfsa2023-36

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-19T19:09:13Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_id

mfsa2023-38

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_id

mfsa2023-38

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-19T19:09:13Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_url	https://access.redhat.com/errata/RHSA-2023:4945
reference_id	RHSA-2023:4945
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4945

reference_url	https://access.redhat.com/errata/RHSA-2023:4946
reference_id	RHSA-2023:4946
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4946

reference_url	https://access.redhat.com/errata/RHSA-2023:4947
reference_id	RHSA-2023:4947
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4947

reference_url	https://access.redhat.com/errata/RHSA-2023:4948
reference_id	RHSA-2023:4948
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4948

reference_url	https://access.redhat.com/errata/RHSA-2023:4949
reference_id	RHSA-2023:4949
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4949

reference_url	https://access.redhat.com/errata/RHSA-2023:4950
reference_id	RHSA-2023:4950
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4950

reference_url	https://access.redhat.com/errata/RHSA-2023:4951
reference_id	RHSA-2023:4951
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4951

reference_url	https://access.redhat.com/errata/RHSA-2023:4952
reference_id	RHSA-2023:4952
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4952

reference_url	https://access.redhat.com/errata/RHSA-2023:4954
reference_id	RHSA-2023:4954
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4954

reference_url	https://access.redhat.com/errata/RHSA-2023:4955
reference_id	RHSA-2023:4955
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4955

reference_url	https://access.redhat.com/errata/RHSA-2023:4956
reference_id	RHSA-2023:4956
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4956

reference_url	https://access.redhat.com/errata/RHSA-2023:4957
reference_id	RHSA-2023:4957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4957

reference_url	https://access.redhat.com/errata/RHSA-2023:4958
reference_id	RHSA-2023:4958
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4958

reference_url	https://access.redhat.com/errata/RHSA-2023:4959
reference_id	RHSA-2023:4959
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4959

reference_url	https://access.redhat.com/errata/RHSA-2023:5019
reference_id	RHSA-2023:5019
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5019

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1842030

reference_id

show_bug.cgi?id=1842030

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-19T19:09:13Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1842030

reference_url	https://usn.ubuntu.com/6320-1/
reference_id	USN-6320-1
reference_type
scores
url	https://usn.ubuntu.com/6320-1/

reference_url	https://usn.ubuntu.com/6405-1/
reference_id	USN-6405-1
reference_type
scores
url	https://usn.ubuntu.com/6405-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-4583

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nqhf-g3y1-6kag

url VCID-nvxk-j4aw-9fcn

vulnerability_id VCID-nvxk-j4aw-9fcn

summary Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50762.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50762.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-50762

reference_id

reference_type

scores

value	0.00288
scoring_system	epss
scoring_elements	0.52647
published_at	2026-06-11T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52776
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-50762

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50761
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50761

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50762
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50762

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6856
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6856

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6857
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6857

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6858
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6858

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6859
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6859

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6860
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6860

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6861
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6861

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6862
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6862

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6864
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6864

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6873
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6873

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2255379
reference_id	2255379
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2255379

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-55

reference_id

mfsa2023-55

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-55

reference_url	https://access.redhat.com/errata/RHSA-2024:0001
reference_id	RHSA-2024:0001
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0001

reference_url	https://access.redhat.com/errata/RHSA-2024:0002
reference_id	RHSA-2024:0002
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0002

reference_url	https://access.redhat.com/errata/RHSA-2024:0003
reference_id	RHSA-2024:0003
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0003

reference_url	https://access.redhat.com/errata/RHSA-2024:0004
reference_id	RHSA-2024:0004
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0004

reference_url	https://access.redhat.com/errata/RHSA-2024:0005
reference_id	RHSA-2024:0005
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0005

reference_url	https://access.redhat.com/errata/RHSA-2024:0027
reference_id	RHSA-2024:0027
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0027

reference_url	https://access.redhat.com/errata/RHSA-2024:0028
reference_id	RHSA-2024:0028
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0028

reference_url	https://access.redhat.com/errata/RHSA-2024:0029
reference_id	RHSA-2024:0029
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0029

reference_url	https://access.redhat.com/errata/RHSA-2024:0030
reference_id	RHSA-2024:0030
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0030

reference_url	https://usn.ubuntu.com/6563-1/
reference_id	USN-6563-1
reference_type
scores
url	https://usn.ubuntu.com/6563-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-50762

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nvxk-j4aw-9fcn

url VCID-p4f1-pshk-t7eq

vulnerability_id VCID-p4f1-pshk-t7eq

summary In some circumstances, a stale value could have been used for a global variable in WASM JIT analysis. This resulted in incorrect compilation and a potentially exploitable crash in the content process. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4046.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4046.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-4046

reference_id

reference_type

scores

value	0.00229
scoring_system	epss
scoring_elements	0.45916
published_at	2026-06-12T12:55:00Z

value	0.00229
scoring_system	epss
scoring_elements	0.45771
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-4046

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4045
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4045

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4046
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4046

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4047
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4047

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4048
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4048

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4049
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4049

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4050
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4050

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4055
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4055

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4056
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4056

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2228361
reference_id	2228361
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2228361

reference_url

reference_id

dsa-5464

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T15:25:12Z/

url

reference_url

reference_id

dsa-5469

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T15:25:12Z/

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-29

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

reference_id

mfsa2023-29

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-29

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-29/

reference_id

mfsa2023-29

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T15:25:12Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-29/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-30

reference_id

mfsa2023-30

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-30

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-30/

reference_id

mfsa2023-30

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T15:25:12Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-30/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-31

reference_id

mfsa2023-31

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-31

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-31/

reference_id

mfsa2023-31

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T15:25:12Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-31/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-32

reference_id

mfsa2023-32

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-32

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-33

reference_id

mfsa2023-33

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-33

reference_url

https://lists.debian.org/debian-lts-announce/2023/08/msg00008.html

reference_id

msg00008.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T15:25:12Z/

url

https://lists.debian.org/debian-lts-announce/2023/08/msg00008.html

reference_url

https://lists.debian.org/debian-lts-announce/2023/08/msg00010.html

reference_id

msg00010.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T15:25:12Z/

url

https://lists.debian.org/debian-lts-announce/2023/08/msg00010.html

reference_url	https://access.redhat.com/errata/RHSA-2023:4460
reference_id	RHSA-2023:4460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4460

reference_url	https://access.redhat.com/errata/RHSA-2023:4461
reference_id	RHSA-2023:4461
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4461

reference_url	https://access.redhat.com/errata/RHSA-2023:4462
reference_id	RHSA-2023:4462
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4462

reference_url	https://access.redhat.com/errata/RHSA-2023:4463
reference_id	RHSA-2023:4463
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4463

reference_url	https://access.redhat.com/errata/RHSA-2023:4464
reference_id	RHSA-2023:4464
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4464

reference_url	https://access.redhat.com/errata/RHSA-2023:4465
reference_id	RHSA-2023:4465
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4465

reference_url	https://access.redhat.com/errata/RHSA-2023:4468
reference_id	RHSA-2023:4468
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4468

reference_url	https://access.redhat.com/errata/RHSA-2023:4469
reference_id	RHSA-2023:4469
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4469

reference_url	https://access.redhat.com/errata/RHSA-2023:4492
reference_id	RHSA-2023:4492
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4492

reference_url	https://access.redhat.com/errata/RHSA-2023:4493
reference_id	RHSA-2023:4493
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4493

reference_url	https://access.redhat.com/errata/RHSA-2023:4494
reference_id	RHSA-2023:4494
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4494

reference_url	https://access.redhat.com/errata/RHSA-2023:4495
reference_id	RHSA-2023:4495
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4495

reference_url	https://access.redhat.com/errata/RHSA-2023:4496
reference_id	RHSA-2023:4496
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4496

reference_url	https://access.redhat.com/errata/RHSA-2023:4497
reference_id	RHSA-2023:4497
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4497

reference_url	https://access.redhat.com/errata/RHSA-2023:4499
reference_id	RHSA-2023:4499
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4499

reference_url	https://access.redhat.com/errata/RHSA-2023:4500
reference_id	RHSA-2023:4500
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4500

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1837686

reference_id

show_bug.cgi?id=1837686

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T15:25:12Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1837686

reference_url	https://usn.ubuntu.com/6267-1/
reference_id	USN-6267-1
reference_type
scores
url	https://usn.ubuntu.com/6267-1/

reference_url	https://usn.ubuntu.com/6333-1/
reference_id	USN-6333-1
reference_type
scores
url	https://usn.ubuntu.com/6333-1/

reference_url	https://usn.ubuntu.com/6406-1/
reference_id	USN-6406-1
reference_type
scores
url	https://usn.ubuntu.com/6406-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-4046

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p4f1-pshk-t7eq

url VCID-pbn8-ysn7-xkgt

vulnerability_id VCID-pbn8-ysn7-xkgt

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5730.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5730.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-5730

reference_id

reference_type

scores

value	0.00489
scoring_system	epss
scoring_elements	0.65992
published_at	2026-06-11T12:55:00Z

value	0.00489
scoring_system	epss
scoring_elements	0.66088
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-5730

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5721
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5721

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5724
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5724

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5725
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5725

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5728
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5728

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5730
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5730

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5732
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5732

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2245906
reference_id	2245906
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2245906

reference_url

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1836607%2C1840918%2C1848694%2C1848833%2C1850191%2C1850259%2C1852596%2C1853201%2C1854002%2C1855306%2C1855640%2C1856695

reference_id

buglist.cgi?bug_id=1836607%2C1840918%2C1848694%2C1848833%2C1850191%2C1850259%2C1852596%2C1853201%2C1854002%2C1855306%2C1855640%2C1856695

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-11T18:25:19Z/

url

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1836607%2C1840918%2C1848694%2C1848833%2C1850191%2C1850259%2C1852596%2C1853201%2C1854002%2C1855306%2C1855640%2C1856695

reference_url

reference_id

dsa-5535

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-11T18:25:19Z/

url

reference_url

reference_id

dsa-5538

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-11T18:25:19Z/

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-45

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

reference_id

mfsa2023-45

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-45

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-45/

reference_id

mfsa2023-45

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-11T18:25:19Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-45/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-46

reference_id

mfsa2023-46

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-46

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-46/

reference_id

mfsa2023-46

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-11T18:25:19Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-46/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-47

reference_id

mfsa2023-47

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-47

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-47/

reference_id

mfsa2023-47

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-11T18:25:19Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-47/

reference_url

https://lists.debian.org/debian-lts-announce/2023/10/msg00037.html

reference_id

msg00037.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-11T18:25:19Z/

url

https://lists.debian.org/debian-lts-announce/2023/10/msg00037.html

reference_url

https://lists.debian.org/debian-lts-announce/2023/10/msg00042.html

reference_id

msg00042.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-09-11T18:25:19Z/

url

https://lists.debian.org/debian-lts-announce/2023/10/msg00042.html

reference_url	https://access.redhat.com/errata/RHSA-2023:6162
reference_id	RHSA-2023:6162
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6162

reference_url	https://access.redhat.com/errata/RHSA-2023:6185
reference_id	RHSA-2023:6185
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6185

reference_url	https://access.redhat.com/errata/RHSA-2023:6186
reference_id	RHSA-2023:6186
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6186

reference_url	https://access.redhat.com/errata/RHSA-2023:6187
reference_id	RHSA-2023:6187
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6187

reference_url	https://access.redhat.com/errata/RHSA-2023:6188
reference_id	RHSA-2023:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6188

reference_url	https://access.redhat.com/errata/RHSA-2023:6189
reference_id	RHSA-2023:6189
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6189

reference_url	https://access.redhat.com/errata/RHSA-2023:6191
reference_id	RHSA-2023:6191
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6191

reference_url	https://access.redhat.com/errata/RHSA-2023:6194
reference_id	RHSA-2023:6194
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6194

reference_url	https://access.redhat.com/errata/RHSA-2023:6195
reference_id	RHSA-2023:6195
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6195

reference_url	https://access.redhat.com/errata/RHSA-2023:6196
reference_id	RHSA-2023:6196
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6196

reference_url	https://access.redhat.com/errata/RHSA-2023:6197
reference_id	RHSA-2023:6197
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6197

reference_url	https://access.redhat.com/errata/RHSA-2023:6198
reference_id	RHSA-2023:6198
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6198

reference_url	https://access.redhat.com/errata/RHSA-2023:6199
reference_id	RHSA-2023:6199
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6199

reference_url	https://usn.ubuntu.com/6456-1/
reference_id	USN-6456-1
reference_type
scores
url	https://usn.ubuntu.com/6456-1/

reference_url	https://usn.ubuntu.com/6468-1/
reference_id	USN-6468-1
reference_type
scores
url	https://usn.ubuntu.com/6468-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-5730

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pbn8-ysn7-xkgt

url VCID-r8g4-zz2s-sfh7

vulnerability_id VCID-r8g4-zz2s-sfh7

summary

A compromised content process could have provided malicious data to `FilterNodeD2D1` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process.
*This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5168.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5168.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-5168

reference_id

reference_type

scores

value	0.00256
scoring_system	epss
scoring_elements	0.49315
published_at	2026-06-11T12:55:00Z

value	0.00256
scoring_system	epss
scoring_elements	0.49452
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-5168

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2240892
reference_id	2240892
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2240892

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-41

reference_id

mfsa2023-41

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-41

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-41/

reference_id

mfsa2023-41

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:10Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-41/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-42

reference_id

mfsa2023-42

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-42

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-42/

reference_id

mfsa2023-42

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:10Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-42/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-43

reference_id

mfsa2023-43

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-43

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-43/

reference_id

mfsa2023-43

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:10Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-43/

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1846683

reference_id

show_bug.cgi?id=1846683

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:10Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1846683

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-5168

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r8g4-zz2s-sfh7

url VCID-repv-chcv-4ff9

vulnerability_id VCID-repv-chcv-4ff9

summary Memory safety bugs present in Firefox 114, Firefox ESR 102.12, and Thunderbird 102.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-37211.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-37211.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-37211

reference_id

reference_type

scores

value	0.00499
scoring_system	epss
scoring_elements	0.66364
published_at	2026-06-11T12:55:00Z

value	0.00499
scoring_system	epss
scoring_elements	0.66458
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-37211

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37201
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37201

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37202
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37202

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37207
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37207

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37208
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37208

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37211
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37211

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2219751
reference_id	2219751
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2219751

reference_url

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1832306%2C1834862%2C1835886%2C1836550%2C1837450

reference_id

buglist.cgi?bug_id=1832306%2C1834862%2C1835886%2C1836550%2C1837450

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-20T21:32:28Z/

url

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1832306%2C1834862%2C1835886%2C1836550%2C1837450

reference_url

reference_id

dsa-5450

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-20T21:32:28Z/

url

reference_url

reference_id

dsa-5451

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-20T21:32:28Z/

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-22

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

reference_id

mfsa2023-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-22

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-22/

reference_id

mfsa2023-22

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-20T21:32:28Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-22/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-23

reference_id

mfsa2023-23

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-23

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-23/

reference_id

mfsa2023-23

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-20T21:32:28Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-23/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-24

reference_id

mfsa2023-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-24/

reference_id

mfsa2023-24

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-20T21:32:28Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-24/

reference_url

https://lists.debian.org/debian-lts-announce/2023/07/msg00006.html

reference_id

msg00006.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-20T21:32:28Z/

url

https://lists.debian.org/debian-lts-announce/2023/07/msg00006.html

reference_url

https://lists.debian.org/debian-lts-announce/2023/07/msg00015.html

reference_id

msg00015.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-20T21:32:28Z/

url

https://lists.debian.org/debian-lts-announce/2023/07/msg00015.html

reference_url	https://access.redhat.com/errata/RHSA-2023:4062
reference_id	RHSA-2023:4062
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4062

reference_url	https://access.redhat.com/errata/RHSA-2023:4063
reference_id	RHSA-2023:4063
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4063

reference_url	https://access.redhat.com/errata/RHSA-2023:4064
reference_id	RHSA-2023:4064
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4064

reference_url	https://access.redhat.com/errata/RHSA-2023:4065
reference_id	RHSA-2023:4065
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4065

reference_url	https://access.redhat.com/errata/RHSA-2023:4066
reference_id	RHSA-2023:4066
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4066

reference_url	https://access.redhat.com/errata/RHSA-2023:4067
reference_id	RHSA-2023:4067
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4067

reference_url	https://access.redhat.com/errata/RHSA-2023:4068
reference_id	RHSA-2023:4068
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4068

reference_url	https://access.redhat.com/errata/RHSA-2023:4069
reference_id	RHSA-2023:4069
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4069

reference_url	https://access.redhat.com/errata/RHSA-2023:4070
reference_id	RHSA-2023:4070
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4070

reference_url	https://access.redhat.com/errata/RHSA-2023:4071
reference_id	RHSA-2023:4071
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4071

reference_url	https://access.redhat.com/errata/RHSA-2023:4072
reference_id	RHSA-2023:4072
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4072

reference_url	https://access.redhat.com/errata/RHSA-2023:4073
reference_id	RHSA-2023:4073
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4073

reference_url	https://access.redhat.com/errata/RHSA-2023:4074
reference_id	RHSA-2023:4074
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4074

reference_url	https://access.redhat.com/errata/RHSA-2023:4075
reference_id	RHSA-2023:4075
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4075

reference_url	https://access.redhat.com/errata/RHSA-2023:4076
reference_id	RHSA-2023:4076
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4076

reference_url	https://access.redhat.com/errata/RHSA-2023:4079
reference_id	RHSA-2023:4079
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4079

reference_url	https://usn.ubuntu.com/6201-1/
reference_id	USN-6201-1
reference_type
scores
url	https://usn.ubuntu.com/6201-1/

reference_url	https://usn.ubuntu.com/6214-1/
reference_id	USN-6214-1
reference_type
scores
url	https://usn.ubuntu.com/6214-1/

reference_url	https://usn.ubuntu.com/6227-1/
reference_id	USN-6227-1
reference_type
scores
url	https://usn.ubuntu.com/6227-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-37211

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-repv-chcv-4ff9

url VCID-rg51-rzun-u7aq

vulnerability_id VCID-rg51-rzun-u7aq

summary

If Windows failed to duplicate a handle during process creation, the sandbox code may have inadvertently freed a pointer twice, resulting in a use-after-free and a potentially exploitable crash.
*This bug only affects Firefox on Windows when run in non-standard configurations (such as using `runas`). Other operating systems are unaffected.* This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5174.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5174.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-5174

reference_id

reference_type

scores

value	0.00445
scoring_system	epss
scoring_elements	0.63961
published_at	2026-06-12T12:55:00Z

value	0.00445
scoring_system	epss
scoring_elements	0.63858
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-5174

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2240895
reference_id	2240895
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2240895

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-41

reference_id

mfsa2023-41

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-41

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-41/

reference_id

mfsa2023-41

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:08Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-41/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-42

reference_id

mfsa2023-42

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-42

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-42/

reference_id

mfsa2023-42

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:08Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-42/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-43

reference_id

mfsa2023-43

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-43

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-43/

reference_id

mfsa2023-43

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:08Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-43/

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1848454

reference_id

show_bug.cgi?id=1848454

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:08Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1848454

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-5174

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rg51-rzun-u7aq

url VCID-rqb9-n7mt-wkce

vulnerability_id VCID-rqb9-n7mt-wkce

summary

When opening appref-ms files, Firefox did not warn the user that these files may contain malicious code. 
*This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 116, Firefox ESR < 102.14, Firefox ESR < 115.1, Thunderbird < 102.14, and Thunderbird < 115.1.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4054.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4054.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-4054

reference_id

reference_type

scores

value	0.00034
scoring_system	epss
scoring_elements	0.10597
published_at	2026-06-12T12:55:00Z

value	0.00034
scoring_system	epss
scoring_elements	0.10539
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-4054

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2228366
reference_id	2228366
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2228366

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-29

reference_id

mfsa2023-29

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-29

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-29/

reference_id

mfsa2023-29

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:37:04Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-29/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-30

reference_id

mfsa2023-30

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-30

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-30/

reference_id

mfsa2023-30

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:37:04Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-30/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-31

reference_id

mfsa2023-31

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-31

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-31/

reference_id

mfsa2023-31

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:37:04Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-31/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-32

reference_id

mfsa2023-32

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-32

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-32/

reference_id

mfsa2023-32

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:37:04Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-32/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-33

reference_id

mfsa2023-33

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-33

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-33/

reference_id

mfsa2023-33

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:37:04Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-33/

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1840777

reference_id

show_bug.cgi?id=1840777

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:37:04Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1840777

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-4054

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rqb9-n7mt-wkce

url VCID-rrdh-n6hv-h3er

vulnerability_id VCID-rrdh-n6hv-h3er

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5726.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5726.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-5726

reference_id

reference_type

scores

value	0.00173
scoring_system	epss
scoring_elements	0.3873
published_at	2026-06-12T12:55:00Z

value	0.00173
scoring_system	epss
scoring_elements	0.38558
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-5726

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2245901
reference_id	2245901
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2245901

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-45

reference_id

mfsa2023-45

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-45

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-45/

reference_id

mfsa2023-45

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:53:41Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-45/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-46

reference_id

mfsa2023-46

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-46

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-46/

reference_id

mfsa2023-46

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:53:41Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-46/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-47

reference_id

mfsa2023-47

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-47

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-47/

reference_id

mfsa2023-47

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:53:41Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-47/

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1846205

reference_id

show_bug.cgi?id=1846205

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T18:53:41Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1846205

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-5726

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rrdh-n6hv-h3er

url VCID-sad1-y5ww-tbet

vulnerability_id VCID-sad1-y5ww-tbet

summary Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6856.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6856.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-6856

reference_id

reference_type

scores

value	0.10471
scoring_system	epss
scoring_elements	0.93408
published_at	2026-06-11T12:55:00Z

value	0.10471
scoring_system	epss
scoring_elements	0.9343
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-6856

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50761
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50761

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50762
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50762

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6856
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6856

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6857
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6857

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6858
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6858

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6859
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6859

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6860
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6860

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6861
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6861

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6862
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6862

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6863
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6863

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6864
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6864

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6865
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6865

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6867
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6867

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6873
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6873

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2255360
reference_id	2255360
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2255360

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-54

reference_id

mfsa2023-54

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-54

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-55

reference_id

mfsa2023-55

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-55

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-56

reference_id

mfsa2023-56

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-56

reference_url	https://access.redhat.com/errata/RHSA-2024:0001
reference_id	RHSA-2024:0001
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0001

reference_url	https://access.redhat.com/errata/RHSA-2024:0002
reference_id	RHSA-2024:0002
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0002

reference_url	https://access.redhat.com/errata/RHSA-2024:0003
reference_id	RHSA-2024:0003
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0003

reference_url	https://access.redhat.com/errata/RHSA-2024:0004
reference_id	RHSA-2024:0004
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0004

reference_url	https://access.redhat.com/errata/RHSA-2024:0005
reference_id	RHSA-2024:0005
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0005

reference_url	https://access.redhat.com/errata/RHSA-2024:0011
reference_id	RHSA-2024:0011
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0011

reference_url	https://access.redhat.com/errata/RHSA-2024:0012
reference_id	RHSA-2024:0012
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0012

reference_url	https://access.redhat.com/errata/RHSA-2024:0019
reference_id	RHSA-2024:0019
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0019

reference_url	https://access.redhat.com/errata/RHSA-2024:0021
reference_id	RHSA-2024:0021
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0021

reference_url	https://access.redhat.com/errata/RHSA-2024:0022
reference_id	RHSA-2024:0022
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0022

reference_url	https://access.redhat.com/errata/RHSA-2024:0023
reference_id	RHSA-2024:0023
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0023

reference_url	https://access.redhat.com/errata/RHSA-2024:0024
reference_id	RHSA-2024:0024
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0024

reference_url	https://access.redhat.com/errata/RHSA-2024:0025
reference_id	RHSA-2024:0025
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0025

reference_url	https://access.redhat.com/errata/RHSA-2024:0026
reference_id	RHSA-2024:0026
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0026

reference_url	https://access.redhat.com/errata/RHSA-2024:0027
reference_id	RHSA-2024:0027
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0027

reference_url	https://access.redhat.com/errata/RHSA-2024:0028
reference_id	RHSA-2024:0028
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0028

reference_url	https://access.redhat.com/errata/RHSA-2024:0029
reference_id	RHSA-2024:0029
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0029

reference_url	https://access.redhat.com/errata/RHSA-2024:0030
reference_id	RHSA-2024:0030
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0030

reference_url	https://usn.ubuntu.com/6562-1/
reference_id	USN-6562-1
reference_type
scores
url	https://usn.ubuntu.com/6562-1/

reference_url	https://usn.ubuntu.com/6563-1/
reference_id	USN-6563-1
reference_type
scores
url	https://usn.ubuntu.com/6563-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-6856

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sad1-y5ww-tbet

url VCID-sjz7-uqrt-1ua8

vulnerability_id VCID-sjz7-uqrt-1ua8

summary Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6860.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6860.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-6860

reference_id

reference_type

scores

value	0.00434
scoring_system	epss
scoring_elements	0.63262
published_at	2026-06-11T12:55:00Z

value	0.00434
scoring_system	epss
scoring_elements	0.63364
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-6860

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50761
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50761

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50762
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50762

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6856
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6856

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6857
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6857

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6858
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6858

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6859
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6859

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6860
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6860

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6861
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6861

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6862
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6862

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6863
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6863

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6864
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6864

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6865
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6865

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6867
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6867

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6873
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6873

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2255365
reference_id	2255365
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2255365

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-54

reference_id

mfsa2023-54

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-54

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-55

reference_id

mfsa2023-55

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-55

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-56

reference_id

mfsa2023-56

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-56

reference_url	https://access.redhat.com/errata/RHSA-2024:0001
reference_id	RHSA-2024:0001
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0001

reference_url	https://access.redhat.com/errata/RHSA-2024:0002
reference_id	RHSA-2024:0002
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0002

reference_url	https://access.redhat.com/errata/RHSA-2024:0003
reference_id	RHSA-2024:0003
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0003

reference_url	https://access.redhat.com/errata/RHSA-2024:0004
reference_id	RHSA-2024:0004
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0004

reference_url	https://access.redhat.com/errata/RHSA-2024:0005
reference_id	RHSA-2024:0005
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0005

reference_url	https://access.redhat.com/errata/RHSA-2024:0011
reference_id	RHSA-2024:0011
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0011

reference_url	https://access.redhat.com/errata/RHSA-2024:0012
reference_id	RHSA-2024:0012
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0012

reference_url	https://access.redhat.com/errata/RHSA-2024:0019
reference_id	RHSA-2024:0019
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0019

reference_url	https://access.redhat.com/errata/RHSA-2024:0021
reference_id	RHSA-2024:0021
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0021

reference_url	https://access.redhat.com/errata/RHSA-2024:0022
reference_id	RHSA-2024:0022
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0022

reference_url	https://access.redhat.com/errata/RHSA-2024:0023
reference_id	RHSA-2024:0023
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0023

reference_url	https://access.redhat.com/errata/RHSA-2024:0024
reference_id	RHSA-2024:0024
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0024

reference_url	https://access.redhat.com/errata/RHSA-2024:0025
reference_id	RHSA-2024:0025
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0025

reference_url	https://access.redhat.com/errata/RHSA-2024:0026
reference_id	RHSA-2024:0026
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0026

reference_url	https://access.redhat.com/errata/RHSA-2024:0027
reference_id	RHSA-2024:0027
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0027

reference_url	https://access.redhat.com/errata/RHSA-2024:0028
reference_id	RHSA-2024:0028
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0028

reference_url	https://access.redhat.com/errata/RHSA-2024:0029
reference_id	RHSA-2024:0029
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0029

reference_url	https://access.redhat.com/errata/RHSA-2024:0030
reference_id	RHSA-2024:0030
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0030

reference_url	https://usn.ubuntu.com/6562-1/
reference_id	USN-6562-1
reference_type
scores
url	https://usn.ubuntu.com/6562-1/

reference_url	https://usn.ubuntu.com/6563-1/
reference_id	USN-6563-1
reference_type
scores
url	https://usn.ubuntu.com/6563-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-6860

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sjz7-uqrt-1ua8

url VCID-stbg-nwyy-qqee

vulnerability_id VCID-stbg-nwyy-qqee

summary In some cases, an untrusted input stream was copied to a stack buffer without checking its size. This resulted in a potentially exploitable crash which could have led to a sandbox escape. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4050.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4050.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-4050

reference_id

reference_type

scores

value	0.03618
scoring_system	epss
scoring_elements	0.88103
published_at	2026-06-12T12:55:00Z

value	0.03618
scoring_system	epss
scoring_elements	0.88063
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-4050

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4045
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4045

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4046
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4046

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4047
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4047

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4048
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4048

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4049
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4049

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4050
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4050

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4055
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4055

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4056
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4056

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2228365
reference_id	2228365
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2228365

reference_url

reference_id

dsa-5464

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:46:27Z/

url

reference_url

reference_id

dsa-5469

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:46:27Z/

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-29

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

reference_id

mfsa2023-29

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-29

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-29/

reference_id

mfsa2023-29

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:46:27Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-29/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-30

reference_id

mfsa2023-30

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-30

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-30/

reference_id

mfsa2023-30

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:46:27Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-30/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-31

reference_id

mfsa2023-31

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-31

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-31/

reference_id

mfsa2023-31

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:46:27Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-31/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-32

reference_id

mfsa2023-32

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-32

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-33

reference_id

mfsa2023-33

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-33

reference_url

https://lists.debian.org/debian-lts-announce/2023/08/msg00008.html

reference_id

msg00008.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:46:27Z/

url

https://lists.debian.org/debian-lts-announce/2023/08/msg00008.html

reference_url

https://lists.debian.org/debian-lts-announce/2023/08/msg00010.html

reference_id

msg00010.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:46:27Z/

url

https://lists.debian.org/debian-lts-announce/2023/08/msg00010.html

reference_url	https://access.redhat.com/errata/RHSA-2023:4460
reference_id	RHSA-2023:4460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4460

reference_url	https://access.redhat.com/errata/RHSA-2023:4461
reference_id	RHSA-2023:4461
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4461

reference_url	https://access.redhat.com/errata/RHSA-2023:4462
reference_id	RHSA-2023:4462
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4462

reference_url	https://access.redhat.com/errata/RHSA-2023:4463
reference_id	RHSA-2023:4463
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4463

reference_url	https://access.redhat.com/errata/RHSA-2023:4464
reference_id	RHSA-2023:4464
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4464

reference_url	https://access.redhat.com/errata/RHSA-2023:4465
reference_id	RHSA-2023:4465
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4465

reference_url	https://access.redhat.com/errata/RHSA-2023:4468
reference_id	RHSA-2023:4468
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4468

reference_url	https://access.redhat.com/errata/RHSA-2023:4469
reference_id	RHSA-2023:4469
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4469

reference_url	https://access.redhat.com/errata/RHSA-2023:4492
reference_id	RHSA-2023:4492
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4492

reference_url	https://access.redhat.com/errata/RHSA-2023:4493
reference_id	RHSA-2023:4493
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4493

reference_url	https://access.redhat.com/errata/RHSA-2023:4494
reference_id	RHSA-2023:4494
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4494

reference_url	https://access.redhat.com/errata/RHSA-2023:4495
reference_id	RHSA-2023:4495
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4495

reference_url	https://access.redhat.com/errata/RHSA-2023:4496
reference_id	RHSA-2023:4496
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4496

reference_url	https://access.redhat.com/errata/RHSA-2023:4497
reference_id	RHSA-2023:4497
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4497

reference_url	https://access.redhat.com/errata/RHSA-2023:4499
reference_id	RHSA-2023:4499
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4499

reference_url	https://access.redhat.com/errata/RHSA-2023:4500
reference_id	RHSA-2023:4500
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4500

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1843038

reference_id

show_bug.cgi?id=1843038

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:46:27Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1843038

reference_url	https://usn.ubuntu.com/6267-1/
reference_id	USN-6267-1
reference_type
scores
url	https://usn.ubuntu.com/6267-1/

reference_url	https://usn.ubuntu.com/6333-1/
reference_id	USN-6333-1
reference_type
scores
url	https://usn.ubuntu.com/6333-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-4050

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-stbg-nwyy-qqee

url VCID-t47p-2dtq-q3ex

vulnerability_id VCID-t47p-2dtq-q3ex

summary Memory safety bugs present in Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6212.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6212.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-6212

reference_id

reference_type

scores

value	0.00297
scoring_system	epss
scoring_elements	0.53533
published_at	2026-06-11T12:55:00Z

value	0.00297
scoring_system	epss
scoring_elements	0.53659
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-6212

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6204
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6204

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6205
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6205

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6206
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6206

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6207
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6207

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6208
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6208

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6209
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6209

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6212
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6212

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2250902
reference_id	2250902
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2250902

reference_url

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1658432%2C1820983%2C1829252%2C1856072%2C1856091%2C1859030%2C1860943%2C1862782

reference_id

buglist.cgi?bug_id=1658432%2C1820983%2C1829252%2C1856072%2C1856091%2C1859030%2C1860943%2C1862782

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2023-11-22T18:37:05Z/

url

https://bugzilla.mozilla.org/buglist.cgi?bug_id=1658432%2C1820983%2C1829252%2C1856072%2C1856091%2C1859030%2C1860943%2C1862782

reference_url

reference_id

dsa-5561

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2023-11-22T18:37:05Z/

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-49

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

reference_id

mfsa2023-49

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-49

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-49/

reference_id

mfsa2023-49

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2023-11-22T18:37:05Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-49/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-50

reference_id

mfsa2023-50

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-50

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-50/

reference_id

mfsa2023-50

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2023-11-22T18:37:05Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-50/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-52

reference_id

mfsa2023-52

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-52

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-52/

reference_id

mfsa2023-52

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2023-11-22T18:37:05Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-52/

reference_url

https://lists.debian.org/debian-lts-announce/2023/11/msg00017.html

reference_id

msg00017.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2023-11-22T18:37:05Z/

url

https://lists.debian.org/debian-lts-announce/2023/11/msg00017.html

reference_url

https://lists.debian.org/debian-lts-announce/2023/11/msg00030.html

reference_id

msg00030.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2023-11-22T18:37:05Z/

url

https://lists.debian.org/debian-lts-announce/2023/11/msg00030.html

reference_url	https://access.redhat.com/errata/RHSA-2023:7499
reference_id	RHSA-2023:7499
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7499

reference_url	https://access.redhat.com/errata/RHSA-2023:7500
reference_id	RHSA-2023:7500
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7500

reference_url	https://access.redhat.com/errata/RHSA-2023:7501
reference_id	RHSA-2023:7501
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7501

reference_url	https://access.redhat.com/errata/RHSA-2023:7502
reference_id	RHSA-2023:7502
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7502

reference_url	https://access.redhat.com/errata/RHSA-2023:7503
reference_id	RHSA-2023:7503
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7503

reference_url	https://access.redhat.com/errata/RHSA-2023:7504
reference_id	RHSA-2023:7504
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7504

reference_url	https://access.redhat.com/errata/RHSA-2023:7505
reference_id	RHSA-2023:7505
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7505

reference_url	https://access.redhat.com/errata/RHSA-2023:7506
reference_id	RHSA-2023:7506
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7506

reference_url	https://access.redhat.com/errata/RHSA-2023:7507
reference_id	RHSA-2023:7507
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7507

reference_url	https://access.redhat.com/errata/RHSA-2023:7508
reference_id	RHSA-2023:7508
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7508

reference_url	https://access.redhat.com/errata/RHSA-2023:7509
reference_id	RHSA-2023:7509
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7509

reference_url	https://access.redhat.com/errata/RHSA-2023:7510
reference_id	RHSA-2023:7510
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7510

reference_url	https://access.redhat.com/errata/RHSA-2023:7511
reference_id	RHSA-2023:7511
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7511

reference_url	https://access.redhat.com/errata/RHSA-2023:7512
reference_id	RHSA-2023:7512
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7512

reference_url	https://access.redhat.com/errata/RHSA-2023:7547
reference_id	RHSA-2023:7547
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7547

reference_url	https://access.redhat.com/errata/RHSA-2023:7569
reference_id	RHSA-2023:7569
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7569

reference_url	https://access.redhat.com/errata/RHSA-2023:7570
reference_id	RHSA-2023:7570
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7570

reference_url	https://access.redhat.com/errata/RHSA-2023:7573
reference_id	RHSA-2023:7573
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7573

reference_url	https://access.redhat.com/errata/RHSA-2023:7574
reference_id	RHSA-2023:7574
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7574

reference_url	https://access.redhat.com/errata/RHSA-2023:7577
reference_id	RHSA-2023:7577
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7577

reference_url	https://usn.ubuntu.com/6509-1/
reference_id	USN-6509-1
reference_type
scores
url	https://usn.ubuntu.com/6509-1/

reference_url	https://usn.ubuntu.com/6515-1/
reference_id	USN-6515-1
reference_type
scores
url	https://usn.ubuntu.com/6515-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-6212

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t47p-2dtq-q3ex

url VCID-uzu6-54x4-b3f9

vulnerability_id VCID-uzu6-54x4-b3f9

summary A website could have obscured the full screen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 116, Firefox ESR < 115.2, and Thunderbird < 115.2.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4053.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4053.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-4053

reference_id

reference_type

scores

value	0.00145
scoring_system	epss
scoring_elements	0.34802
published_at	2026-06-12T12:55:00Z

value	0.00145
scoring_system	epss
scoring_elements	0.34624
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-4053

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2236078
reference_id	2236078
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2236078

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-29

reference_id

mfsa2023-29

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-29

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-29/

reference_id

mfsa2023-29

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:37:53Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-29/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_id

mfsa2023-36

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_id

mfsa2023-36

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:37:53Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_id

mfsa2023-38

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_id

mfsa2023-38

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:37:53Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_url	https://access.redhat.com/errata/RHSA-2023:4945
reference_id	RHSA-2023:4945
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4945

reference_url	https://access.redhat.com/errata/RHSA-2023:4946
reference_id	RHSA-2023:4946
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4946

reference_url	https://access.redhat.com/errata/RHSA-2023:4947
reference_id	RHSA-2023:4947
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4947

reference_url	https://access.redhat.com/errata/RHSA-2023:4948
reference_id	RHSA-2023:4948
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4948

reference_url	https://access.redhat.com/errata/RHSA-2023:4949
reference_id	RHSA-2023:4949
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4949

reference_url	https://access.redhat.com/errata/RHSA-2023:4950
reference_id	RHSA-2023:4950
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4950

reference_url	https://access.redhat.com/errata/RHSA-2023:4951
reference_id	RHSA-2023:4951
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4951

reference_url	https://access.redhat.com/errata/RHSA-2023:4952
reference_id	RHSA-2023:4952
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4952

reference_url	https://access.redhat.com/errata/RHSA-2023:4954
reference_id	RHSA-2023:4954
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4954

reference_url	https://access.redhat.com/errata/RHSA-2023:4955
reference_id	RHSA-2023:4955
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4955

reference_url	https://access.redhat.com/errata/RHSA-2023:4956
reference_id	RHSA-2023:4956
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4956

reference_url	https://access.redhat.com/errata/RHSA-2023:4957
reference_id	RHSA-2023:4957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4957

reference_url	https://access.redhat.com/errata/RHSA-2023:4958
reference_id	RHSA-2023:4958
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4958

reference_url	https://access.redhat.com/errata/RHSA-2023:4959
reference_id	RHSA-2023:4959
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4959

reference_url	https://access.redhat.com/errata/RHSA-2023:5019
reference_id	RHSA-2023:5019
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5019

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1839079

reference_id

show_bug.cgi?id=1839079

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T14:37:53Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1839079

reference_url	https://usn.ubuntu.com/6267-1/
reference_id	USN-6267-1
reference_type
scores
url	https://usn.ubuntu.com/6267-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-4053

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uzu6-54x4-b3f9

url VCID-vfur-z7pc-kuf3

vulnerability_id VCID-vfur-z7pc-kuf3

summary When opening Diagcab files, Firefox did not warn the user that these files may contain malicious code. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-37208.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-37208.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-37208

reference_id

reference_type

scores

value	0.00048
scoring_system	epss
scoring_elements	0.15374
published_at	2026-06-11T12:55:00Z

value	0.00048
scoring_system	epss
scoring_elements	0.15509
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-37208

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37201
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37201

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37202
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37202

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37207
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37207

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37208
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37208

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37211
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37211

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2219750
reference_id	2219750
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2219750

reference_url

reference_id

dsa-5450

reference_type

scores

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-11-20T21:34:29Z/

url

reference_url

reference_id

dsa-5451

reference_type

scores

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-11-20T21:34:29Z/

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-22

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

reference_id

mfsa2023-22

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-22

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-22/

reference_id

mfsa2023-22

reference_type

scores

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-11-20T21:34:29Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-22/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-23

reference_id

mfsa2023-23

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-23

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-23/

reference_id

mfsa2023-23

reference_type

scores

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-11-20T21:34:29Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-23/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-24

reference_id

mfsa2023-24

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-24

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-24/

reference_id

mfsa2023-24

reference_type

scores

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-11-20T21:34:29Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-24/

reference_url

https://lists.debian.org/debian-lts-announce/2023/07/msg00006.html

reference_id

msg00006.html

reference_type

scores

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-11-20T21:34:29Z/

url

https://lists.debian.org/debian-lts-announce/2023/07/msg00006.html

reference_url

https://lists.debian.org/debian-lts-announce/2023/07/msg00015.html

reference_id

msg00015.html

reference_type

scores

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-11-20T21:34:29Z/

url

https://lists.debian.org/debian-lts-announce/2023/07/msg00015.html

reference_url	https://access.redhat.com/errata/RHSA-2023:4062
reference_id	RHSA-2023:4062
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4062

reference_url	https://access.redhat.com/errata/RHSA-2023:4063
reference_id	RHSA-2023:4063
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4063

reference_url	https://access.redhat.com/errata/RHSA-2023:4064
reference_id	RHSA-2023:4064
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4064

reference_url	https://access.redhat.com/errata/RHSA-2023:4065
reference_id	RHSA-2023:4065
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4065

reference_url	https://access.redhat.com/errata/RHSA-2023:4066
reference_id	RHSA-2023:4066
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4066

reference_url	https://access.redhat.com/errata/RHSA-2023:4067
reference_id	RHSA-2023:4067
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4067

reference_url	https://access.redhat.com/errata/RHSA-2023:4068
reference_id	RHSA-2023:4068
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4068

reference_url	https://access.redhat.com/errata/RHSA-2023:4069
reference_id	RHSA-2023:4069
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4069

reference_url	https://access.redhat.com/errata/RHSA-2023:4070
reference_id	RHSA-2023:4070
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4070

reference_url	https://access.redhat.com/errata/RHSA-2023:4071
reference_id	RHSA-2023:4071
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4071

reference_url	https://access.redhat.com/errata/RHSA-2023:4072
reference_id	RHSA-2023:4072
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4072

reference_url	https://access.redhat.com/errata/RHSA-2023:4073
reference_id	RHSA-2023:4073
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4073

reference_url	https://access.redhat.com/errata/RHSA-2023:4074
reference_id	RHSA-2023:4074
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4074

reference_url	https://access.redhat.com/errata/RHSA-2023:4075
reference_id	RHSA-2023:4075
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4075

reference_url	https://access.redhat.com/errata/RHSA-2023:4076
reference_id	RHSA-2023:4076
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4076

reference_url	https://access.redhat.com/errata/RHSA-2023:4079
reference_id	RHSA-2023:4079
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4079

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1837675

reference_id

show_bug.cgi?id=1837675

reference_type

scores

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-11-20T21:34:29Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1837675

reference_url	https://usn.ubuntu.com/6201-1/
reference_id	USN-6201-1
reference_type
scores
url	https://usn.ubuntu.com/6201-1/

reference_url	https://usn.ubuntu.com/6214-1/
reference_id	USN-6214-1
reference_type
scores
url	https://usn.ubuntu.com/6214-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-37208

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vfur-z7pc-kuf3

url VCID-vqq5-t48g-z3ap

vulnerability_id VCID-vqq5-t48g-z3ap

summary

On Windows, an integer overflow could occur in `RecordedSourceSurfaceCreation` which resulted in a heap buffer overflow potentially leaking sensitive data that could have led to a sandbox escape.
*This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4576.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4576.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-4576

reference_id

reference_type

scores

value	0.00235
scoring_system	epss
scoring_elements	0.46841
published_at	2026-06-12T12:55:00Z

value	0.00235
scoring_system	epss
scoring_elements	0.46698
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-4576

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2236074
reference_id	2236074
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2236074

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-34

reference_id

mfsa2023-34

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-34

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-34/

reference_id

mfsa2023-34

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:57:46Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-34/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-35

reference_id

mfsa2023-35

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-35

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-35/

reference_id

mfsa2023-35

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:57:46Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-35/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_id

mfsa2023-36

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-36

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_id

mfsa2023-36

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:57:46Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-36/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-37

reference_id

mfsa2023-37

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-37

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-37/

reference_id

mfsa2023-37

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:57:46Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-37/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_id

mfsa2023-38

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-38

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_id

mfsa2023-38

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:57:46Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-38/

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1846694

reference_id

show_bug.cgi?id=1846694

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:57:46Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1846694

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-4576

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vqq5-t48g-z3ap

url VCID-w2ww-tdyv-ryay

vulnerability_id VCID-w2ww-tdyv-ryay

summary An out-of-bounds read could have led to an exploitable crash when parsing HTML with DOMParser in low memory situations. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4048.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4048.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-4048

reference_id

reference_type

scores

value	0.00328
scoring_system	epss
scoring_elements	0.56323
published_at	2026-06-12T12:55:00Z

value	0.00328
scoring_system	epss
scoring_elements	0.56203
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-4048

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4045
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4045

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4046
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4046

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4047
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4047

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4048
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4048

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4049
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4049

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4050
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4050

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4055
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4055

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4056
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4056

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2228363
reference_id	2228363
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2228363

reference_url

reference_id

dsa-5464

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T15:12:49Z/

url

reference_url

reference_id

dsa-5469

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T15:12:49Z/

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-29

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

reference_id

mfsa2023-29

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-29

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-29/

reference_id

mfsa2023-29

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T15:12:49Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-29/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-30

reference_id

mfsa2023-30

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-30

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-30/

reference_id

mfsa2023-30

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T15:12:49Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-30/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-31

reference_id

mfsa2023-31

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-31

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-31/

reference_id

mfsa2023-31

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T15:12:49Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-31/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-32

reference_id

mfsa2023-32

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-32

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-33

reference_id

mfsa2023-33

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-33

reference_url

https://lists.debian.org/debian-lts-announce/2023/08/msg00008.html

reference_id

msg00008.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T15:12:49Z/

url

https://lists.debian.org/debian-lts-announce/2023/08/msg00008.html

reference_url

https://lists.debian.org/debian-lts-announce/2023/08/msg00010.html

reference_id

msg00010.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T15:12:49Z/

url

https://lists.debian.org/debian-lts-announce/2023/08/msg00010.html

reference_url	https://access.redhat.com/errata/RHSA-2023:4460
reference_id	RHSA-2023:4460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4460

reference_url	https://access.redhat.com/errata/RHSA-2023:4461
reference_id	RHSA-2023:4461
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4461

reference_url	https://access.redhat.com/errata/RHSA-2023:4462
reference_id	RHSA-2023:4462
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4462

reference_url	https://access.redhat.com/errata/RHSA-2023:4463
reference_id	RHSA-2023:4463
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4463

reference_url	https://access.redhat.com/errata/RHSA-2023:4464
reference_id	RHSA-2023:4464
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4464

reference_url	https://access.redhat.com/errata/RHSA-2023:4465
reference_id	RHSA-2023:4465
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4465

reference_url	https://access.redhat.com/errata/RHSA-2023:4468
reference_id	RHSA-2023:4468
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4468

reference_url	https://access.redhat.com/errata/RHSA-2023:4469
reference_id	RHSA-2023:4469
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4469

reference_url	https://access.redhat.com/errata/RHSA-2023:4492
reference_id	RHSA-2023:4492
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4492

reference_url	https://access.redhat.com/errata/RHSA-2023:4493
reference_id	RHSA-2023:4493
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4493

reference_url	https://access.redhat.com/errata/RHSA-2023:4494
reference_id	RHSA-2023:4494
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4494

reference_url	https://access.redhat.com/errata/RHSA-2023:4495
reference_id	RHSA-2023:4495
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4495

reference_url	https://access.redhat.com/errata/RHSA-2023:4496
reference_id	RHSA-2023:4496
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4496

reference_url	https://access.redhat.com/errata/RHSA-2023:4497
reference_id	RHSA-2023:4497
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4497

reference_url	https://access.redhat.com/errata/RHSA-2023:4499
reference_id	RHSA-2023:4499
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4499

reference_url	https://access.redhat.com/errata/RHSA-2023:4500
reference_id	RHSA-2023:4500
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4500

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1841368

reference_id

show_bug.cgi?id=1841368

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-22T15:12:49Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1841368

reference_url	https://usn.ubuntu.com/6267-1/
reference_id	USN-6267-1
reference_type
scores
url	https://usn.ubuntu.com/6267-1/

reference_url	https://usn.ubuntu.com/6333-1/
reference_id	USN-6333-1
reference_type
scores
url	https://usn.ubuntu.com/6333-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-4048

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w2ww-tdyv-ryay

url VCID-wcae-q15e-pufm

vulnerability_id VCID-wcae-q15e-pufm

summary Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6864.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6864.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-6864

reference_id

reference_type

scores

value	0.00493
scoring_system	epss
scoring_elements	0.66126
published_at	2026-06-11T12:55:00Z

value	0.00493
scoring_system	epss
scoring_elements	0.66219
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-6864

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50761
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50761

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50762
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50762

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6856
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6856

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6857
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6857

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6858
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6858

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6859
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6859

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6860
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6860

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6861
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6861

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6862
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6862

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6863
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6863

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6864
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6864

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6865
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6865

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6867
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6867

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6873
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6873

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2255370
reference_id	2255370
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2255370

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-54

reference_id

mfsa2023-54

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-54

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-55

reference_id

mfsa2023-55

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-55

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-56

reference_id

mfsa2023-56

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-56

reference_url	https://access.redhat.com/errata/RHSA-2024:0001
reference_id	RHSA-2024:0001
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0001

reference_url	https://access.redhat.com/errata/RHSA-2024:0002
reference_id	RHSA-2024:0002
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0002

reference_url	https://access.redhat.com/errata/RHSA-2024:0003
reference_id	RHSA-2024:0003
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0003

reference_url	https://access.redhat.com/errata/RHSA-2024:0004
reference_id	RHSA-2024:0004
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0004

reference_url	https://access.redhat.com/errata/RHSA-2024:0005
reference_id	RHSA-2024:0005
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0005

reference_url	https://access.redhat.com/errata/RHSA-2024:0011
reference_id	RHSA-2024:0011
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0011

reference_url	https://access.redhat.com/errata/RHSA-2024:0012
reference_id	RHSA-2024:0012
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0012

reference_url	https://access.redhat.com/errata/RHSA-2024:0019
reference_id	RHSA-2024:0019
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0019

reference_url	https://access.redhat.com/errata/RHSA-2024:0021
reference_id	RHSA-2024:0021
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0021

reference_url	https://access.redhat.com/errata/RHSA-2024:0022
reference_id	RHSA-2024:0022
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0022

reference_url	https://access.redhat.com/errata/RHSA-2024:0023
reference_id	RHSA-2024:0023
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0023

reference_url	https://access.redhat.com/errata/RHSA-2024:0024
reference_id	RHSA-2024:0024
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0024

reference_url	https://access.redhat.com/errata/RHSA-2024:0025
reference_id	RHSA-2024:0025
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0025

reference_url	https://access.redhat.com/errata/RHSA-2024:0026
reference_id	RHSA-2024:0026
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0026

reference_url	https://access.redhat.com/errata/RHSA-2024:0027
reference_id	RHSA-2024:0027
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0027

reference_url	https://access.redhat.com/errata/RHSA-2024:0028
reference_id	RHSA-2024:0028
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0028

reference_url	https://access.redhat.com/errata/RHSA-2024:0029
reference_id	RHSA-2024:0029
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0029

reference_url	https://access.redhat.com/errata/RHSA-2024:0030
reference_id	RHSA-2024:0030
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0030

reference_url	https://usn.ubuntu.com/6562-1/
reference_id	USN-6562-1
reference_type
scores
url	https://usn.ubuntu.com/6562-1/

reference_url	https://usn.ubuntu.com/6563-1/
reference_id	USN-6563-1
reference_type
scores
url	https://usn.ubuntu.com/6563-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-6864

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wcae-q15e-pufm

url VCID-wxjd-ad2n-5ybf

vulnerability_id VCID-wxjd-ad2n-5ybf

summary Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6859.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6859.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-6859

reference_id

reference_type

scores

value	0.00414
scoring_system	epss
scoring_elements	0.61981
published_at	2026-06-11T12:55:00Z

value	0.00414
scoring_system	epss
scoring_elements	0.62082
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-6859

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50761
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50761

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50762
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50762

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6856
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6856

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6857
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6857

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6858
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6858

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6859
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6859

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6860
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6860

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6861
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6861

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6862
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6862

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6863
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6863

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6864
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6864

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6865
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6865

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6867
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6867

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6873
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6873

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2255364
reference_id	2255364
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2255364

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-54

reference_id

mfsa2023-54

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-54

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-55

reference_id

mfsa2023-55

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-55

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-56

reference_id

mfsa2023-56

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-56

reference_url	https://access.redhat.com/errata/RHSA-2024:0001
reference_id	RHSA-2024:0001
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0001

reference_url	https://access.redhat.com/errata/RHSA-2024:0002
reference_id	RHSA-2024:0002
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0002

reference_url	https://access.redhat.com/errata/RHSA-2024:0003
reference_id	RHSA-2024:0003
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0003

reference_url	https://access.redhat.com/errata/RHSA-2024:0004
reference_id	RHSA-2024:0004
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0004

reference_url	https://access.redhat.com/errata/RHSA-2024:0005
reference_id	RHSA-2024:0005
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0005

reference_url	https://access.redhat.com/errata/RHSA-2024:0011
reference_id	RHSA-2024:0011
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0011

reference_url	https://access.redhat.com/errata/RHSA-2024:0012
reference_id	RHSA-2024:0012
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0012

reference_url	https://access.redhat.com/errata/RHSA-2024:0019
reference_id	RHSA-2024:0019
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0019

reference_url	https://access.redhat.com/errata/RHSA-2024:0021
reference_id	RHSA-2024:0021
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0021

reference_url	https://access.redhat.com/errata/RHSA-2024:0022
reference_id	RHSA-2024:0022
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0022

reference_url	https://access.redhat.com/errata/RHSA-2024:0023
reference_id	RHSA-2024:0023
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0023

reference_url	https://access.redhat.com/errata/RHSA-2024:0024
reference_id	RHSA-2024:0024
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0024

reference_url	https://access.redhat.com/errata/RHSA-2024:0025
reference_id	RHSA-2024:0025
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0025

reference_url	https://access.redhat.com/errata/RHSA-2024:0026
reference_id	RHSA-2024:0026
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0026

reference_url	https://access.redhat.com/errata/RHSA-2024:0027
reference_id	RHSA-2024:0027
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0027

reference_url	https://access.redhat.com/errata/RHSA-2024:0028
reference_id	RHSA-2024:0028
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0028

reference_url	https://access.redhat.com/errata/RHSA-2024:0029
reference_id	RHSA-2024:0029
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0029

reference_url	https://access.redhat.com/errata/RHSA-2024:0030
reference_id	RHSA-2024:0030
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0030

reference_url	https://usn.ubuntu.com/6562-1/
reference_id	USN-6562-1
reference_type
scores
url	https://usn.ubuntu.com/6562-1/

reference_url	https://usn.ubuntu.com/6563-1/
reference_id	USN-6563-1
reference_type
scores
url	https://usn.ubuntu.com/6563-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-6859

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wxjd-ad2n-5ybf

url VCID-xd5h-da4p-dfgh

vulnerability_id VCID-xd5h-da4p-dfgh

summary A use-after-free was identified in the `nsDNSService::Init`. This issue appears to manifest rarely during start-up. This vulnerability affects Firefox ESR < 115.6 and Thunderbird < 115.6.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6862.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6862.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-6862

reference_id

reference_type

scores

value	0.00441
scoring_system	epss
scoring_elements	0.63669
published_at	2026-06-11T12:55:00Z

value	0.00441
scoring_system	epss
scoring_elements	0.63771
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-6862

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50761
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50761

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50762
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50762

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6856
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6856

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6857
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6857

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6858
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6858

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6859
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6859

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6860
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6860

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6861
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6861

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6862
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6862

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6863
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6863

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6864
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6864

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6865
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6865

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6867
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6867

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6873
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6873

reference_url

reference_id

202401-10

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-12T20:20:08Z/

url

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2255368
reference_id	2255368
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2255368

reference_url

reference_id

dsa-5581

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-12T20:20:08Z/

url

reference_url

reference_id

dsa-5582

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-12T20:20:08Z/

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-54

reference_url	https://security.gentoo.org/glsa/202402-25
reference_id	GLSA-202402-25
reference_type
scores
url	https://security.gentoo.org/glsa/202402-25

reference_url

reference_id

mfsa2023-54

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-54

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-54/

reference_id

mfsa2023-54

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-12T20:20:08Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-54/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-55

reference_id

mfsa2023-55

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-55

reference_url

https://www.mozilla.org/security/advisories/mfsa2023-55/

reference_id

mfsa2023-55

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-12T20:20:08Z/

url

https://www.mozilla.org/security/advisories/mfsa2023-55/

reference_url

https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html

reference_id

msg00020.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-12T20:20:08Z/

url

https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html

reference_url

https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html

reference_id

msg00021.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-12T20:20:08Z/

url

https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html

reference_url	https://access.redhat.com/errata/RHSA-2024:0001
reference_id	RHSA-2024:0001
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0001

reference_url	https://access.redhat.com/errata/RHSA-2024:0002
reference_id	RHSA-2024:0002
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0002

reference_url	https://access.redhat.com/errata/RHSA-2024:0003
reference_id	RHSA-2024:0003
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0003

reference_url	https://access.redhat.com/errata/RHSA-2024:0004
reference_id	RHSA-2024:0004
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0004

reference_url	https://access.redhat.com/errata/RHSA-2024:0005
reference_id	RHSA-2024:0005
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0005

reference_url	https://access.redhat.com/errata/RHSA-2024:0011
reference_id	RHSA-2024:0011
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0011

reference_url	https://access.redhat.com/errata/RHSA-2024:0012
reference_id	RHSA-2024:0012
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0012

reference_url	https://access.redhat.com/errata/RHSA-2024:0019
reference_id	RHSA-2024:0019
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0019

reference_url	https://access.redhat.com/errata/RHSA-2024:0021
reference_id	RHSA-2024:0021
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0021

reference_url	https://access.redhat.com/errata/RHSA-2024:0022
reference_id	RHSA-2024:0022
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0022

reference_url	https://access.redhat.com/errata/RHSA-2024:0023
reference_id	RHSA-2024:0023
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0023

reference_url	https://access.redhat.com/errata/RHSA-2024:0024
reference_id	RHSA-2024:0024
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0024

reference_url	https://access.redhat.com/errata/RHSA-2024:0025
reference_id	RHSA-2024:0025
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0025

reference_url	https://access.redhat.com/errata/RHSA-2024:0026
reference_id	RHSA-2024:0026
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0026

reference_url	https://access.redhat.com/errata/RHSA-2024:0027
reference_id	RHSA-2024:0027
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0027

reference_url	https://access.redhat.com/errata/RHSA-2024:0028
reference_id	RHSA-2024:0028
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0028

reference_url	https://access.redhat.com/errata/RHSA-2024:0029
reference_id	RHSA-2024:0029
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0029

reference_url	https://access.redhat.com/errata/RHSA-2024:0030
reference_id	RHSA-2024:0030
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0030

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=1868042

reference_id

show_bug.cgi?id=1868042

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-12T20:20:08Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=1868042

reference_url	https://usn.ubuntu.com/6563-1/
reference_id	USN-6563-1
reference_type
scores
url	https://usn.ubuntu.com/6563-1/

fixed_packages

url	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
purl	pkg:ebuild/mail-client/thunderbird-bin@115.7.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@115.7.0

aliases CVE-2023-6862

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xd5h-da4p-dfgh

url VCID-xsn1-xhbz-cbhr

vulnerability_id VCID-xsn1-xhbz-cbhr

summary Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-37202.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-37202.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-37202

reference_id

reference_type

scores

value	0.00651
scoring_system	epss
scoring_elements	0.71361
published_at	2026-06-11T12:55:00Z

value	0.00651
scoring_system	epss
scoring_elements	0.71449
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-37202

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37201
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37201

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37202
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37202

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37207
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37207

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37208
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37208

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37211
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37211

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2219748
reference_id	2219748
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2219748

reference_url

reference_id

dsa-5450

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-21T14:17:49Z/

url

reference_url

reference_id

dsa-5451

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-21T14:17:49Z/

url