{"url":"http://public2.vulnerablecode.io/api/packages/86170?format=json","purl":"pkg:mozilla/Firefox%20ESR@115.2.0","type":"mozilla","namespace":"","name":"Firefox ESR","version":"115.2.0","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"115.2.1","latest_non_vulnerable_version":"140.10.1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51399?format=json","vulnerability_id":"VCID-75sb-xb3r-3fa8","summary":"Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4573.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4573.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4573","reference_id":"","reference_type":"","scores":[{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.331","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33472","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33212","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33293","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33312","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40804","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40777","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40729","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40779","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40787","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40805","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40771","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40752","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40796","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40765","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4573"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4573","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4573"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4574","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4574"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4575","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4575"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4581","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4581"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4584","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4584"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236071","reference_id":"2236071","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2236071"},{"reference_url":"https://security.gentoo.org/glsa/202402-25","reference_id":"GLSA-202402-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-34","reference_id":"mfsa2023-34","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-34"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-34/","reference_id":"mfsa2023-34","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:08:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-34/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-35","reference_id":"mfsa2023-35","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-35"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-35/","reference_id":"mfsa2023-35","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:08:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-35/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-36"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-36/","reference_id":"mfsa2023-36","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:08:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-36/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-37","reference_id":"mfsa2023-37","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-37"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-37/","reference_id":"mfsa2023-37","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:08:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-37/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-38"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-38/","reference_id":"mfsa2023-38","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:08:18Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-38/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4945","reference_id":"RHSA-2023:4945","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4945"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4946","reference_id":"RHSA-2023:4946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4947","reference_id":"RHSA-2023:4947","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4947"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4948","reference_id":"RHSA-2023:4948","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4948"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4949","reference_id":"RHSA-2023:4949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4949"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4950","reference_id":"RHSA-2023:4950","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4951","reference_id":"RHSA-2023:4951","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4951"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4952","reference_id":"RHSA-2023:4952","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4952"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4954","reference_id":"RHSA-2023:4954","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4954"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4955","reference_id":"RHSA-2023:4955","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4955"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4956","reference_id":"RHSA-2023:4956","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4956"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4957","reference_id":"RHSA-2023:4957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4957"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4958","reference_id":"RHSA-2023:4958","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4959","reference_id":"RHSA-2023:4959","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4959"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5019","reference_id":"RHSA-2023:5019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5019"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1846687","reference_id":"show_bug.cgi?id=1846687","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-26T15:08:18Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1846687"},{"reference_url":"https://usn.ubuntu.com/6320-1/","reference_id":"USN-6320-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6320-1/"},{"reference_url":"https://usn.ubuntu.com/6368-1/","reference_id":"USN-6368-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6368-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/86209?format=json","purl":"pkg:mozilla/Firefox%20ESR@102.15.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@102.15.0"},{"url":"http://public2.vulnerablecode.io/api/packages/86170?format=json","purl":"pkg:mozilla/Firefox%20ESR@115.2.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@115.2.0"}],"aliases":["CVE-2023-4573"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-75sb-xb3r-3fa8"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@115.2.0"}