Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/firefox-esr@60.6.0esr-1?distro=trixie

Type deb

Namespace debian

Name firefox-esr

Version 60.6.0esr-1

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 60.6.1esr-1

Latest_non_vulnerable_version 140.10.1esr-1~deb13u1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-7yw2-2r4n-rugg

vulnerability_id VCID-7yw2-2r4n-rugg

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird and
    Firefox, the worst of which could lead to the execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9790.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9790.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-9790

reference_id

reference_type

scores

value	0.00714
scoring_system	epss
scoring_elements	0.72408
published_at	2026-04-29T12:55:00Z

value	0.00714
scoring_system	epss
scoring_elements	0.72363
published_at	2026-04-16T12:55:00Z

value	0.00714
scoring_system	epss
scoring_elements	0.72372
published_at	2026-04-18T12:55:00Z

value	0.00714
scoring_system	epss
scoring_elements	0.7236
published_at	2026-04-21T12:55:00Z

value	0.00714
scoring_system	epss
scoring_elements	0.72403
published_at	2026-04-24T12:55:00Z

value	0.00714
scoring_system	epss
scoring_elements	0.72412
published_at	2026-04-26T12:55:00Z

value	0.00714
scoring_system	epss
scoring_elements	0.72274
published_at	2026-04-01T12:55:00Z

value	0.00714
scoring_system	epss
scoring_elements	0.7228
published_at	2026-04-02T12:55:00Z

value	0.00714
scoring_system	epss
scoring_elements	0.72299
published_at	2026-04-04T12:55:00Z

value	0.00714
scoring_system	epss
scoring_elements	0.72276
published_at	2026-04-07T12:55:00Z

value	0.00714
scoring_system	epss
scoring_elements	0.72315
published_at	2026-04-08T12:55:00Z

value	0.00714
scoring_system	epss
scoring_elements	0.72327
published_at	2026-04-09T12:55:00Z

value	0.00714
scoring_system	epss
scoring_elements	0.7235
published_at	2026-04-11T12:55:00Z

value	0.00714
scoring_system	epss
scoring_elements	0.72333
published_at	2026-04-12T12:55:00Z

value	0.00714
scoring_system	epss
scoring_elements	0.72321
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-9790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18506
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18506

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9788
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9788

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9796

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1690675
reference_id	1690675
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1690675

reference_url	https://security.archlinux.org/ASA-201903-11
reference_id	ASA-201903-11
reference_type
scores
url	https://security.archlinux.org/ASA-201903-11

reference_url

https://security.archlinux.org/AVG-925

reference_id

AVG-925

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-925

reference_url	https://security.gentoo.org/glsa/201904-07
reference_id	GLSA-201904-07
reference_type
scores
url	https://security.gentoo.org/glsa/201904-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-07

reference_id

mfsa2019-07

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-08

reference_id

mfsa2019-08

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-08

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-11

reference_id

mfsa2019-11

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-11

reference_url	https://access.redhat.com/errata/RHSA-2019:0622
reference_id	RHSA-2019:0622
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0622

reference_url	https://access.redhat.com/errata/RHSA-2019:0623
reference_id	RHSA-2019:0623
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0623

reference_url	https://access.redhat.com/errata/RHSA-2019:0680
reference_id	RHSA-2019:0680
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0680

reference_url	https://access.redhat.com/errata/RHSA-2019:0681
reference_id	RHSA-2019:0681
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0681

reference_url	https://access.redhat.com/errata/RHSA-2019:0966
reference_id	RHSA-2019:0966
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0966

reference_url	https://access.redhat.com/errata/RHSA-2019:1144
reference_id	RHSA-2019:1144
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1144

reference_url	https://usn.ubuntu.com/3918-1/
reference_id	USN-3918-1
reference_type
scores
url	https://usn.ubuntu.com/3918-1/

reference_url	https://usn.ubuntu.com/3918-2/
reference_id	USN-3918-2
reference_type
scores
url	https://usn.ubuntu.com/3918-2/

reference_url	https://usn.ubuntu.com/3927-1/
reference_id	USN-3927-1
reference_type
scores
url	https://usn.ubuntu.com/3927-1/

fixed_packages

url	pkg:deb/debian/firefox-esr@60.6.0esr-1?distro=trixie
purl	pkg:deb/debian/firefox-esr@60.6.0esr-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@60.6.0esr-1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie

purl pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2fqb-r5zb-a7dp

vulnerability	VCID-3kv6-c148-nkhq

vulnerability	VCID-59d3-343b-e3aw

vulnerability	VCID-5dw5-vpt8-zqbz

vulnerability	VCID-61r1-arbe-dke4

vulnerability	VCID-7jt2-zr49-7ye5

vulnerability	VCID-95et-ezmb-buau

vulnerability	VCID-9ag7-z86d-nba9

vulnerability	VCID-9nbw-7c9e-13af

vulnerability	VCID-av7u-3g4m-mugm

vulnerability	VCID-bwth-uepr-z7a3

vulnerability	VCID-cjsm-7gxr-8ygw

vulnerability	VCID-d16s-p141-qbft

vulnerability	VCID-fxjm-ywug-f3d5

vulnerability	VCID-hk2m-rbdy-nqhc

vulnerability	VCID-ma29-qa7e-9qb4

vulnerability	VCID-nge1-4cvg-zqb2

vulnerability	VCID-nyum-jpbc-abew

vulnerability	VCID-p6yz-xs58-u3gm

vulnerability	VCID-pfmd-zv8f-8bfc

vulnerability	VCID-q689-wneh-hbdq

vulnerability	VCID-q8qp-5szp-mfe8

vulnerability	VCID-qbzp-euvv-q7c7

vulnerability	VCID-ruqn-mk9t-57hb

vulnerability	VCID-tv7r-qf2c-dqbm

vulnerability	VCID-w98r-yagc-kkec

vulnerability	VCID-z6tm-b352-5uhk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1?distro=trixie

purl pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f81v-9fv8-93cd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f81v-9fv8-93cd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.9.0esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.9.0esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5dw5-vpt8-zqbz

vulnerability	VCID-9ag7-z86d-nba9

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-qbzp-euvv-q7c7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.9.0esr-1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.9.1esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.9.1esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2fqb-r5zb-a7dp

vulnerability	VCID-3kv6-c148-nkhq

vulnerability	VCID-59d3-343b-e3aw

vulnerability	VCID-61r1-arbe-dke4

vulnerability	VCID-7jt2-zr49-7ye5

vulnerability	VCID-95et-ezmb-buau

vulnerability	VCID-9nbw-7c9e-13af

vulnerability	VCID-av7u-3g4m-mugm

vulnerability	VCID-bwth-uepr-z7a3

vulnerability	VCID-cjsm-7gxr-8ygw

vulnerability	VCID-d16s-p141-qbft

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-fxjm-ywug-f3d5

vulnerability	VCID-hk2m-rbdy-nqhc

vulnerability	VCID-ma29-qa7e-9qb4

vulnerability	VCID-nge1-4cvg-zqb2

vulnerability	VCID-nyum-jpbc-abew

vulnerability	VCID-p6yz-xs58-u3gm

vulnerability	VCID-pfmd-zv8f-8bfc

vulnerability	VCID-q689-wneh-hbdq

vulnerability	VCID-q8qp-5szp-mfe8

vulnerability	VCID-ruqn-mk9t-57hb

vulnerability	VCID-tv7r-qf2c-dqbm

vulnerability	VCID-w98r-yagc-kkec

vulnerability	VCID-z6tm-b352-5uhk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.9.1esr-1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.10.0esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.10.0esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1y9d-wx59-fyh2

vulnerability	VCID-9uk1-zvat-5qc9

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-ndwm-svz7-5uen

vulnerability	VCID-zkbj-717t-j3hw

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.0esr-1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.10.1esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.10.1esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f81v-9fv8-93cd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.1esr-1%3Fdistro=trixie

aliases CVE-2019-9790

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7yw2-2r4n-rugg

url VCID-a2k9-85qx-u7cy

vulnerability_id VCID-a2k9-85qx-u7cy

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird and
    Firefox, the worst of which could lead to the execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9788.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9788.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-9788

reference_id

reference_type

scores

value	0.02068
scoring_system	epss
scoring_elements	0.83998
published_at	2026-04-29T12:55:00Z

value	0.02068
scoring_system	epss
scoring_elements	0.83935
published_at	2026-04-13T12:55:00Z

value	0.02068
scoring_system	epss
scoring_elements	0.83959
published_at	2026-04-18T12:55:00Z

value	0.02068
scoring_system	epss
scoring_elements	0.83961
published_at	2026-04-21T12:55:00Z

value	0.02068
scoring_system	epss
scoring_elements	0.83986
published_at	2026-04-24T12:55:00Z

value	0.02068
scoring_system	epss
scoring_elements	0.83994
published_at	2026-04-26T12:55:00Z

value	0.02068
scoring_system	epss
scoring_elements	0.83867
published_at	2026-04-01T12:55:00Z

value	0.02068
scoring_system	epss
scoring_elements	0.83881
published_at	2026-04-02T12:55:00Z

value	0.02068
scoring_system	epss
scoring_elements	0.83897
published_at	2026-04-04T12:55:00Z

value	0.02068
scoring_system	epss
scoring_elements	0.83899
published_at	2026-04-07T12:55:00Z

value	0.02068
scoring_system	epss
scoring_elements	0.83922
published_at	2026-04-08T12:55:00Z

value	0.02068
scoring_system	epss
scoring_elements	0.83929
published_at	2026-04-09T12:55:00Z

value	0.02068
scoring_system	epss
scoring_elements	0.83945
published_at	2026-04-11T12:55:00Z

value	0.02068
scoring_system	epss
scoring_elements	0.83939
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-9788

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18506
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18506

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9788
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9788

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9796

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1690674
reference_id	1690674
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1690674

reference_url	https://security.archlinux.org/ASA-201903-11
reference_id	ASA-201903-11
reference_type
scores
url	https://security.archlinux.org/ASA-201903-11

reference_url

https://security.archlinux.org/AVG-925

reference_id

AVG-925

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-925

reference_url	https://security.gentoo.org/glsa/201904-07
reference_id	GLSA-201904-07
reference_type
scores
url	https://security.gentoo.org/glsa/201904-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-07

reference_id

mfsa2019-07

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-08

reference_id

mfsa2019-08

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-08

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-11

reference_id

mfsa2019-11

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-11

reference_url	https://access.redhat.com/errata/RHSA-2019:0622
reference_id	RHSA-2019:0622
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0622

reference_url	https://access.redhat.com/errata/RHSA-2019:0623
reference_id	RHSA-2019:0623
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0623

reference_url	https://access.redhat.com/errata/RHSA-2019:0680
reference_id	RHSA-2019:0680
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0680

reference_url	https://access.redhat.com/errata/RHSA-2019:0681
reference_id	RHSA-2019:0681
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0681

reference_url	https://access.redhat.com/errata/RHSA-2019:0966
reference_id	RHSA-2019:0966
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0966

reference_url	https://access.redhat.com/errata/RHSA-2019:1144
reference_id	RHSA-2019:1144
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1144

reference_url	https://usn.ubuntu.com/3918-1/
reference_id	USN-3918-1
reference_type
scores
url	https://usn.ubuntu.com/3918-1/

reference_url	https://usn.ubuntu.com/3918-2/
reference_id	USN-3918-2
reference_type
scores
url	https://usn.ubuntu.com/3918-2/

reference_url	https://usn.ubuntu.com/3927-1/
reference_id	USN-3927-1
reference_type
scores
url	https://usn.ubuntu.com/3927-1/

fixed_packages

url	pkg:deb/debian/firefox-esr@60.6.0esr-1?distro=trixie
purl	pkg:deb/debian/firefox-esr@60.6.0esr-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@60.6.0esr-1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie

purl pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2fqb-r5zb-a7dp

vulnerability	VCID-3kv6-c148-nkhq

vulnerability	VCID-59d3-343b-e3aw

vulnerability	VCID-5dw5-vpt8-zqbz

vulnerability	VCID-61r1-arbe-dke4

vulnerability	VCID-7jt2-zr49-7ye5

vulnerability	VCID-95et-ezmb-buau

vulnerability	VCID-9ag7-z86d-nba9

vulnerability	VCID-9nbw-7c9e-13af

vulnerability	VCID-av7u-3g4m-mugm

vulnerability	VCID-bwth-uepr-z7a3

vulnerability	VCID-cjsm-7gxr-8ygw

vulnerability	VCID-d16s-p141-qbft

vulnerability	VCID-fxjm-ywug-f3d5

vulnerability	VCID-hk2m-rbdy-nqhc

vulnerability	VCID-ma29-qa7e-9qb4

vulnerability	VCID-nge1-4cvg-zqb2

vulnerability	VCID-nyum-jpbc-abew

vulnerability	VCID-p6yz-xs58-u3gm

vulnerability	VCID-pfmd-zv8f-8bfc

vulnerability	VCID-q689-wneh-hbdq

vulnerability	VCID-q8qp-5szp-mfe8

vulnerability	VCID-qbzp-euvv-q7c7

vulnerability	VCID-ruqn-mk9t-57hb

vulnerability	VCID-tv7r-qf2c-dqbm

vulnerability	VCID-w98r-yagc-kkec

vulnerability	VCID-z6tm-b352-5uhk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1?distro=trixie

purl pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f81v-9fv8-93cd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f81v-9fv8-93cd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.9.0esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.9.0esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5dw5-vpt8-zqbz

vulnerability	VCID-9ag7-z86d-nba9

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-qbzp-euvv-q7c7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.9.0esr-1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.9.1esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.9.1esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2fqb-r5zb-a7dp

vulnerability	VCID-3kv6-c148-nkhq

vulnerability	VCID-59d3-343b-e3aw

vulnerability	VCID-61r1-arbe-dke4

vulnerability	VCID-7jt2-zr49-7ye5

vulnerability	VCID-95et-ezmb-buau

vulnerability	VCID-9nbw-7c9e-13af

vulnerability	VCID-av7u-3g4m-mugm

vulnerability	VCID-bwth-uepr-z7a3

vulnerability	VCID-cjsm-7gxr-8ygw

vulnerability	VCID-d16s-p141-qbft

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-fxjm-ywug-f3d5

vulnerability	VCID-hk2m-rbdy-nqhc

vulnerability	VCID-ma29-qa7e-9qb4

vulnerability	VCID-nge1-4cvg-zqb2

vulnerability	VCID-nyum-jpbc-abew

vulnerability	VCID-p6yz-xs58-u3gm

vulnerability	VCID-pfmd-zv8f-8bfc

vulnerability	VCID-q689-wneh-hbdq

vulnerability	VCID-q8qp-5szp-mfe8

vulnerability	VCID-ruqn-mk9t-57hb

vulnerability	VCID-tv7r-qf2c-dqbm

vulnerability	VCID-w98r-yagc-kkec

vulnerability	VCID-z6tm-b352-5uhk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.9.1esr-1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.10.0esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.10.0esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1y9d-wx59-fyh2

vulnerability	VCID-9uk1-zvat-5qc9

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-ndwm-svz7-5uen

vulnerability	VCID-zkbj-717t-j3hw

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.0esr-1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.10.1esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.10.1esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f81v-9fv8-93cd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.1esr-1%3Fdistro=trixie

aliases CVE-2019-9788

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a2k9-85qx-u7cy

url VCID-ce3x-bw1m-jyf4

vulnerability_id VCID-ce3x-bw1m-jyf4

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird and
    Firefox, the worst of which could lead to the execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00035.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00035.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00043.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00043.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00023.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00023.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00043.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00043.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18506.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18506.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-18506

reference_id

reference_type

scores

value	0.0236
scoring_system	epss
scoring_elements	0.8498
published_at	2026-04-29T12:55:00Z

value	0.0236
scoring_system	epss
scoring_elements	0.84934
published_at	2026-04-11T12:55:00Z

value	0.0236
scoring_system	epss
scoring_elements	0.84933
published_at	2026-04-12T12:55:00Z

value	0.0236
scoring_system	epss
scoring_elements	0.84928
published_at	2026-04-13T12:55:00Z

value	0.0236
scoring_system	epss
scoring_elements	0.8495
published_at	2026-04-18T12:55:00Z

value	0.0236
scoring_system	epss
scoring_elements	0.84947
published_at	2026-04-21T12:55:00Z

value	0.0236
scoring_system	epss
scoring_elements	0.84973
published_at	2026-04-24T12:55:00Z

value	0.0236
scoring_system	epss
scoring_elements	0.84982
published_at	2026-04-26T12:55:00Z

value	0.0236
scoring_system	epss
scoring_elements	0.84851
published_at	2026-04-01T12:55:00Z

value	0.0236
scoring_system	epss
scoring_elements	0.84866
published_at	2026-04-02T12:55:00Z

value	0.0236
scoring_system	epss
scoring_elements	0.84884
published_at	2026-04-04T12:55:00Z

value	0.0236
scoring_system	epss
scoring_elements	0.84886
published_at	2026-04-07T12:55:00Z

value	0.0236
scoring_system	epss
scoring_elements	0.84909
published_at	2026-04-08T12:55:00Z

value	0.0236
scoring_system	epss
scoring_elements	0.84917
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-18506

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18506
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18506

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9788
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9788

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9796

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2019/03/msg00024.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/03/msg00024.html

reference_url	https://lists.debian.org/debian-lts-announce/2019/04/msg00000.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/04/msg00000.html

reference_url	https://seclists.org/bugtraq/2019/Apr/0
reference_id
reference_type
scores
url	https://seclists.org/bugtraq/2019/Apr/0

reference_url	https://seclists.org/bugtraq/2019/Mar/28
reference_id
reference_type
scores
url	https://seclists.org/bugtraq/2019/Mar/28

reference_url	https://www.debian.org/security/2019/dsa-4411
reference_id
reference_type
scores
url	https://www.debian.org/security/2019/dsa-4411

reference_url	https://www.debian.org/security/2019/dsa-4420
reference_id
reference_type
scores
url	https://www.debian.org/security/2019/dsa-4420

reference_url	https://www.mozilla.org/security/advisories/mfsa2019-01/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2019-01/

reference_url	http://www.securityfocus.com/bid/106773
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/106773

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1690673
reference_id	1690673
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1690673

reference_url	https://security.archlinux.org/ASA-201902-2
reference_id	ASA-201902-2
reference_type
scores
url	https://security.archlinux.org/ASA-201902-2

reference_url

https://security.archlinux.org/AVG-862

reference_id

AVG-862

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-862

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-18506

reference_id

CVE-2018-18506

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2018-18506

reference_url	https://security.gentoo.org/glsa/201904-07
reference_id	GLSA-201904-07
reference_type
scores
url	https://security.gentoo.org/glsa/201904-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-01

reference_id

mfsa2019-01

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-01

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-08

reference_id

mfsa2019-08

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-08

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-11

reference_id

mfsa2019-11

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-11

reference_url	https://access.redhat.com/errata/RHSA-2019:0622
reference_id	RHSA-2019:0622
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0622

reference_url	https://access.redhat.com/errata/RHSA-2019:0623
reference_id	RHSA-2019:0623
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0623

reference_url	https://access.redhat.com/errata/RHSA-2019:0680
reference_id	RHSA-2019:0680
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0680

reference_url	https://access.redhat.com/errata/RHSA-2019:0681
reference_id	RHSA-2019:0681
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0681

reference_url	https://access.redhat.com/errata/RHSA-2019:0966
reference_id	RHSA-2019:0966
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0966

reference_url	https://access.redhat.com/errata/RHSA-2019:1144
reference_id	RHSA-2019:1144
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1144

reference_url	https://usn.ubuntu.com/3874-1/
reference_id	USN-3874-1
reference_type
scores
url	https://usn.ubuntu.com/3874-1/

reference_url	https://usn.ubuntu.com/3927-1/
reference_id	USN-3927-1
reference_type
scores
url	https://usn.ubuntu.com/3927-1/

fixed_packages

url	pkg:deb/debian/firefox-esr@60.6.0esr-1?distro=trixie
purl	pkg:deb/debian/firefox-esr@60.6.0esr-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@60.6.0esr-1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie

purl pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2fqb-r5zb-a7dp

vulnerability	VCID-3kv6-c148-nkhq

vulnerability	VCID-59d3-343b-e3aw

vulnerability	VCID-5dw5-vpt8-zqbz

vulnerability	VCID-61r1-arbe-dke4

vulnerability	VCID-7jt2-zr49-7ye5

vulnerability	VCID-95et-ezmb-buau

vulnerability	VCID-9ag7-z86d-nba9

vulnerability	VCID-9nbw-7c9e-13af

vulnerability	VCID-av7u-3g4m-mugm

vulnerability	VCID-bwth-uepr-z7a3

vulnerability	VCID-cjsm-7gxr-8ygw

vulnerability	VCID-d16s-p141-qbft

vulnerability	VCID-fxjm-ywug-f3d5

vulnerability	VCID-hk2m-rbdy-nqhc

vulnerability	VCID-ma29-qa7e-9qb4

vulnerability	VCID-nge1-4cvg-zqb2

vulnerability	VCID-nyum-jpbc-abew

vulnerability	VCID-p6yz-xs58-u3gm

vulnerability	VCID-pfmd-zv8f-8bfc

vulnerability	VCID-q689-wneh-hbdq

vulnerability	VCID-q8qp-5szp-mfe8

vulnerability	VCID-qbzp-euvv-q7c7

vulnerability	VCID-ruqn-mk9t-57hb

vulnerability	VCID-tv7r-qf2c-dqbm

vulnerability	VCID-w98r-yagc-kkec

vulnerability	VCID-z6tm-b352-5uhk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1?distro=trixie

purl pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f81v-9fv8-93cd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f81v-9fv8-93cd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.9.0esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.9.0esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5dw5-vpt8-zqbz

vulnerability	VCID-9ag7-z86d-nba9

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-qbzp-euvv-q7c7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.9.0esr-1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.9.1esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.9.1esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2fqb-r5zb-a7dp

vulnerability	VCID-3kv6-c148-nkhq

vulnerability	VCID-59d3-343b-e3aw

vulnerability	VCID-61r1-arbe-dke4

vulnerability	VCID-7jt2-zr49-7ye5

vulnerability	VCID-95et-ezmb-buau

vulnerability	VCID-9nbw-7c9e-13af

vulnerability	VCID-av7u-3g4m-mugm

vulnerability	VCID-bwth-uepr-z7a3

vulnerability	VCID-cjsm-7gxr-8ygw

vulnerability	VCID-d16s-p141-qbft

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-fxjm-ywug-f3d5

vulnerability	VCID-hk2m-rbdy-nqhc

vulnerability	VCID-ma29-qa7e-9qb4

vulnerability	VCID-nge1-4cvg-zqb2

vulnerability	VCID-nyum-jpbc-abew

vulnerability	VCID-p6yz-xs58-u3gm

vulnerability	VCID-pfmd-zv8f-8bfc

vulnerability	VCID-q689-wneh-hbdq

vulnerability	VCID-q8qp-5szp-mfe8

vulnerability	VCID-ruqn-mk9t-57hb

vulnerability	VCID-tv7r-qf2c-dqbm

vulnerability	VCID-w98r-yagc-kkec

vulnerability	VCID-z6tm-b352-5uhk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.9.1esr-1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.10.0esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.10.0esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1y9d-wx59-fyh2

vulnerability	VCID-9uk1-zvat-5qc9

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-ndwm-svz7-5uen

vulnerability	VCID-zkbj-717t-j3hw

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.0esr-1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.10.1esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.10.1esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f81v-9fv8-93cd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.1esr-1%3Fdistro=trixie

aliases CVE-2018-18506

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ce3x-bw1m-jyf4

url VCID-drcd-xhd2-27hn

vulnerability_id VCID-drcd-xhd2-27hn

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird and
    Firefox, the worst of which could lead to the execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9793.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9793.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-9793

reference_id

reference_type

scores

value	0.00402
scoring_system	epss
scoring_elements	0.60858
published_at	2026-04-29T12:55:00Z

value	0.00402
scoring_system	epss
scoring_elements	0.60875
published_at	2026-04-16T12:55:00Z

value	0.00402
scoring_system	epss
scoring_elements	0.6088
published_at	2026-04-18T12:55:00Z

value	0.00402
scoring_system	epss
scoring_elements	0.60864
published_at	2026-04-21T12:55:00Z

value	0.00402
scoring_system	epss
scoring_elements	0.60853
published_at	2026-04-24T12:55:00Z

value	0.00402
scoring_system	epss
scoring_elements	0.60866
published_at	2026-04-26T12:55:00Z

value	0.00402
scoring_system	epss
scoring_elements	0.60713
published_at	2026-04-01T12:55:00Z

value	0.00402
scoring_system	epss
scoring_elements	0.60785
published_at	2026-04-02T12:55:00Z

value	0.00402
scoring_system	epss
scoring_elements	0.60814
published_at	2026-04-04T12:55:00Z

value	0.00402
scoring_system	epss
scoring_elements	0.60778
published_at	2026-04-07T12:55:00Z

value	0.00402
scoring_system	epss
scoring_elements	0.60827
published_at	2026-04-08T12:55:00Z

value	0.00402
scoring_system	epss
scoring_elements	0.60844
published_at	2026-04-09T12:55:00Z

value	0.00402
scoring_system	epss
scoring_elements	0.60865
published_at	2026-04-11T12:55:00Z

value	0.00402
scoring_system	epss
scoring_elements	0.60851
published_at	2026-04-12T12:55:00Z

value	0.00402
scoring_system	epss
scoring_elements	0.60833
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-9793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18506
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18506

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9788
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9788

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9796

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1690678
reference_id	1690678
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1690678

reference_url	https://security.archlinux.org/ASA-201903-11
reference_id	ASA-201903-11
reference_type
scores
url	https://security.archlinux.org/ASA-201903-11

reference_url

https://security.archlinux.org/AVG-925

reference_id

AVG-925

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-925

reference_url	https://security.gentoo.org/glsa/201904-07
reference_id	GLSA-201904-07
reference_type
scores
url	https://security.gentoo.org/glsa/201904-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-07

reference_id

mfsa2019-07

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-08

reference_id

mfsa2019-08

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-08

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-11

reference_id

mfsa2019-11

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-11

reference_url	https://access.redhat.com/errata/RHSA-2019:0622
reference_id	RHSA-2019:0622
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0622

reference_url	https://access.redhat.com/errata/RHSA-2019:0623
reference_id	RHSA-2019:0623
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0623

reference_url	https://access.redhat.com/errata/RHSA-2019:0680
reference_id	RHSA-2019:0680
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0680

reference_url	https://access.redhat.com/errata/RHSA-2019:0681
reference_id	RHSA-2019:0681
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0681

reference_url	https://access.redhat.com/errata/RHSA-2019:0966
reference_id	RHSA-2019:0966
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0966

reference_url	https://access.redhat.com/errata/RHSA-2019:1144
reference_id	RHSA-2019:1144
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1144

reference_url	https://usn.ubuntu.com/3918-1/
reference_id	USN-3918-1
reference_type
scores
url	https://usn.ubuntu.com/3918-1/

reference_url	https://usn.ubuntu.com/3918-2/
reference_id	USN-3918-2
reference_type
scores
url	https://usn.ubuntu.com/3918-2/

reference_url	https://usn.ubuntu.com/3927-1/
reference_id	USN-3927-1
reference_type
scores
url	https://usn.ubuntu.com/3927-1/

fixed_packages

url	pkg:deb/debian/firefox-esr@60.6.0esr-1?distro=trixie
purl	pkg:deb/debian/firefox-esr@60.6.0esr-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@60.6.0esr-1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie

purl pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2fqb-r5zb-a7dp

vulnerability	VCID-3kv6-c148-nkhq

vulnerability	VCID-59d3-343b-e3aw

vulnerability	VCID-5dw5-vpt8-zqbz

vulnerability	VCID-61r1-arbe-dke4

vulnerability	VCID-7jt2-zr49-7ye5

vulnerability	VCID-95et-ezmb-buau

vulnerability	VCID-9ag7-z86d-nba9

vulnerability	VCID-9nbw-7c9e-13af

vulnerability	VCID-av7u-3g4m-mugm

vulnerability	VCID-bwth-uepr-z7a3

vulnerability	VCID-cjsm-7gxr-8ygw

vulnerability	VCID-d16s-p141-qbft

vulnerability	VCID-fxjm-ywug-f3d5

vulnerability	VCID-hk2m-rbdy-nqhc

vulnerability	VCID-ma29-qa7e-9qb4

vulnerability	VCID-nge1-4cvg-zqb2

vulnerability	VCID-nyum-jpbc-abew

vulnerability	VCID-p6yz-xs58-u3gm

vulnerability	VCID-pfmd-zv8f-8bfc

vulnerability	VCID-q689-wneh-hbdq

vulnerability	VCID-q8qp-5szp-mfe8

vulnerability	VCID-qbzp-euvv-q7c7

vulnerability	VCID-ruqn-mk9t-57hb

vulnerability	VCID-tv7r-qf2c-dqbm

vulnerability	VCID-w98r-yagc-kkec

vulnerability	VCID-z6tm-b352-5uhk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1?distro=trixie

purl pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f81v-9fv8-93cd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f81v-9fv8-93cd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.9.0esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.9.0esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5dw5-vpt8-zqbz

vulnerability	VCID-9ag7-z86d-nba9

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-qbzp-euvv-q7c7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.9.0esr-1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.9.1esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.9.1esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2fqb-r5zb-a7dp

vulnerability	VCID-3kv6-c148-nkhq

vulnerability	VCID-59d3-343b-e3aw

vulnerability	VCID-61r1-arbe-dke4

vulnerability	VCID-7jt2-zr49-7ye5

vulnerability	VCID-95et-ezmb-buau

vulnerability	VCID-9nbw-7c9e-13af

vulnerability	VCID-av7u-3g4m-mugm

vulnerability	VCID-bwth-uepr-z7a3

vulnerability	VCID-cjsm-7gxr-8ygw

vulnerability	VCID-d16s-p141-qbft

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-fxjm-ywug-f3d5

vulnerability	VCID-hk2m-rbdy-nqhc

vulnerability	VCID-ma29-qa7e-9qb4

vulnerability	VCID-nge1-4cvg-zqb2

vulnerability	VCID-nyum-jpbc-abew

vulnerability	VCID-p6yz-xs58-u3gm

vulnerability	VCID-pfmd-zv8f-8bfc

vulnerability	VCID-q689-wneh-hbdq

vulnerability	VCID-q8qp-5szp-mfe8

vulnerability	VCID-ruqn-mk9t-57hb

vulnerability	VCID-tv7r-qf2c-dqbm

vulnerability	VCID-w98r-yagc-kkec

vulnerability	VCID-z6tm-b352-5uhk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.9.1esr-1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.10.0esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.10.0esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1y9d-wx59-fyh2

vulnerability	VCID-9uk1-zvat-5qc9

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-ndwm-svz7-5uen

vulnerability	VCID-zkbj-717t-j3hw

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.0esr-1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.10.1esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.10.1esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f81v-9fv8-93cd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.1esr-1%3Fdistro=trixie

aliases CVE-2019-9793

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-drcd-xhd2-27hn

url VCID-rhzx-ha7x-dfew

vulnerability_id VCID-rhzx-ha7x-dfew

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird and
    Firefox, the worst of which could lead to the execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9791.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9791.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-9791

reference_id

reference_type

scores

value	0.38066
scoring_system	epss
scoring_elements	0.97233
published_at	2026-04-29T12:55:00Z

value	0.38066
scoring_system	epss
scoring_elements	0.97217
published_at	2026-04-13T12:55:00Z

value	0.38066
scoring_system	epss
scoring_elements	0.97225
published_at	2026-04-16T12:55:00Z

value	0.38066
scoring_system	epss
scoring_elements	0.97228
published_at	2026-04-18T12:55:00Z

value	0.38066
scoring_system	epss
scoring_elements	0.97231
published_at	2026-04-24T12:55:00Z

value	0.38066
scoring_system	epss
scoring_elements	0.97232
published_at	2026-04-26T12:55:00Z

value	0.38066
scoring_system	epss
scoring_elements	0.97188
published_at	2026-04-01T12:55:00Z

value	0.38066
scoring_system	epss
scoring_elements	0.97194
published_at	2026-04-02T12:55:00Z

value	0.38066
scoring_system	epss
scoring_elements	0.972
published_at	2026-04-04T12:55:00Z

value	0.38066
scoring_system	epss
scoring_elements	0.97201
published_at	2026-04-07T12:55:00Z

value	0.38066
scoring_system	epss
scoring_elements	0.97211
published_at	2026-04-08T12:55:00Z

value	0.38066
scoring_system	epss
scoring_elements	0.97212
published_at	2026-04-09T12:55:00Z

value	0.38066
scoring_system	epss
scoring_elements	0.97216
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-9791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18506
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18506

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9788
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9788

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9796

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1690676
reference_id	1690676
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1690676

reference_url	https://security.archlinux.org/ASA-201903-11
reference_id	ASA-201903-11
reference_type
scores
url	https://security.archlinux.org/ASA-201903-11

reference_url

https://security.archlinux.org/AVG-925

reference_id

AVG-925

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-925

reference_url	https://bugs.chromium.org/p/project-zero/issues/detail?id=1791
reference_id	CVE-2019-9791
reference_type	exploit
scores
url	https://bugs.chromium.org/p/project-zero/issues/detail?id=1791

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/46613.js
reference_id	CVE-2019-9791
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/46613.js

reference_url	https://security.gentoo.org/glsa/201904-07
reference_id	GLSA-201904-07
reference_type
scores
url	https://security.gentoo.org/glsa/201904-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-07

reference_id

mfsa2019-07

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-08

reference_id

mfsa2019-08

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-08

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-11

reference_id

mfsa2019-11

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-11

reference_url	https://access.redhat.com/errata/RHSA-2019:0622
reference_id	RHSA-2019:0622
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0622

reference_url	https://access.redhat.com/errata/RHSA-2019:0623
reference_id	RHSA-2019:0623
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0623

reference_url	https://access.redhat.com/errata/RHSA-2019:0680
reference_id	RHSA-2019:0680
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0680

reference_url	https://access.redhat.com/errata/RHSA-2019:0681
reference_id	RHSA-2019:0681
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0681

reference_url	https://access.redhat.com/errata/RHSA-2019:0966
reference_id	RHSA-2019:0966
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0966

reference_url	https://access.redhat.com/errata/RHSA-2019:1144
reference_id	RHSA-2019:1144
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1144

reference_url	https://usn.ubuntu.com/3918-1/
reference_id	USN-3918-1
reference_type
scores
url	https://usn.ubuntu.com/3918-1/

reference_url	https://usn.ubuntu.com/3918-2/
reference_id	USN-3918-2
reference_type
scores
url	https://usn.ubuntu.com/3918-2/

reference_url	https://usn.ubuntu.com/3927-1/
reference_id	USN-3927-1
reference_type
scores
url	https://usn.ubuntu.com/3927-1/

fixed_packages

url	pkg:deb/debian/firefox-esr@60.6.0esr-1?distro=trixie
purl	pkg:deb/debian/firefox-esr@60.6.0esr-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@60.6.0esr-1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie

purl pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2fqb-r5zb-a7dp

vulnerability	VCID-3kv6-c148-nkhq

vulnerability	VCID-59d3-343b-e3aw

vulnerability	VCID-5dw5-vpt8-zqbz

vulnerability	VCID-61r1-arbe-dke4

vulnerability	VCID-7jt2-zr49-7ye5

vulnerability	VCID-95et-ezmb-buau

vulnerability	VCID-9ag7-z86d-nba9

vulnerability	VCID-9nbw-7c9e-13af

vulnerability	VCID-av7u-3g4m-mugm

vulnerability	VCID-bwth-uepr-z7a3

vulnerability	VCID-cjsm-7gxr-8ygw

vulnerability	VCID-d16s-p141-qbft

vulnerability	VCID-fxjm-ywug-f3d5

vulnerability	VCID-hk2m-rbdy-nqhc

vulnerability	VCID-ma29-qa7e-9qb4

vulnerability	VCID-nge1-4cvg-zqb2

vulnerability	VCID-nyum-jpbc-abew

vulnerability	VCID-p6yz-xs58-u3gm

vulnerability	VCID-pfmd-zv8f-8bfc

vulnerability	VCID-q689-wneh-hbdq

vulnerability	VCID-q8qp-5szp-mfe8

vulnerability	VCID-qbzp-euvv-q7c7

vulnerability	VCID-ruqn-mk9t-57hb

vulnerability	VCID-tv7r-qf2c-dqbm

vulnerability	VCID-w98r-yagc-kkec

vulnerability	VCID-z6tm-b352-5uhk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1?distro=trixie

purl pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f81v-9fv8-93cd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f81v-9fv8-93cd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.9.0esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.9.0esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5dw5-vpt8-zqbz

vulnerability	VCID-9ag7-z86d-nba9

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-qbzp-euvv-q7c7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.9.0esr-1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.9.1esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.9.1esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2fqb-r5zb-a7dp

vulnerability	VCID-3kv6-c148-nkhq

vulnerability	VCID-59d3-343b-e3aw

vulnerability	VCID-61r1-arbe-dke4

vulnerability	VCID-7jt2-zr49-7ye5

vulnerability	VCID-95et-ezmb-buau

vulnerability	VCID-9nbw-7c9e-13af

vulnerability	VCID-av7u-3g4m-mugm

vulnerability	VCID-bwth-uepr-z7a3

vulnerability	VCID-cjsm-7gxr-8ygw

vulnerability	VCID-d16s-p141-qbft

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-fxjm-ywug-f3d5

vulnerability	VCID-hk2m-rbdy-nqhc

vulnerability	VCID-ma29-qa7e-9qb4

vulnerability	VCID-nge1-4cvg-zqb2

vulnerability	VCID-nyum-jpbc-abew

vulnerability	VCID-p6yz-xs58-u3gm

vulnerability	VCID-pfmd-zv8f-8bfc

vulnerability	VCID-q689-wneh-hbdq

vulnerability	VCID-q8qp-5szp-mfe8

vulnerability	VCID-ruqn-mk9t-57hb

vulnerability	VCID-tv7r-qf2c-dqbm

vulnerability	VCID-w98r-yagc-kkec

vulnerability	VCID-z6tm-b352-5uhk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.9.1esr-1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.10.0esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.10.0esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1y9d-wx59-fyh2

vulnerability	VCID-9uk1-zvat-5qc9

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-ndwm-svz7-5uen

vulnerability	VCID-zkbj-717t-j3hw

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.0esr-1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.10.1esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.10.1esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f81v-9fv8-93cd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.1esr-1%3Fdistro=trixie

aliases CVE-2019-9791

risk_score 10.0

exploitability 2.0

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rhzx-ha7x-dfew

url VCID-vrvn-krwb-d3dr

vulnerability_id VCID-vrvn-krwb-d3dr

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird and
    Firefox, the worst of which could lead to the execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9795.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9795.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-9795

reference_id

reference_type

scores

value	0.00714
scoring_system	epss
scoring_elements	0.72408
published_at	2026-04-29T12:55:00Z

value	0.00714
scoring_system	epss
scoring_elements	0.72363
published_at	2026-04-16T12:55:00Z

value	0.00714
scoring_system	epss
scoring_elements	0.72372
published_at	2026-04-18T12:55:00Z

value	0.00714
scoring_system	epss
scoring_elements	0.7236
published_at	2026-04-21T12:55:00Z

value	0.00714
scoring_system	epss
scoring_elements	0.72403
published_at	2026-04-24T12:55:00Z

value	0.00714
scoring_system	epss
scoring_elements	0.72412
published_at	2026-04-26T12:55:00Z

value	0.00714
scoring_system	epss
scoring_elements	0.72274
published_at	2026-04-01T12:55:00Z

value	0.00714
scoring_system	epss
scoring_elements	0.7228
published_at	2026-04-02T12:55:00Z

value	0.00714
scoring_system	epss
scoring_elements	0.72299
published_at	2026-04-04T12:55:00Z

value	0.00714
scoring_system	epss
scoring_elements	0.72276
published_at	2026-04-07T12:55:00Z

value	0.00714
scoring_system	epss
scoring_elements	0.72315
published_at	2026-04-08T12:55:00Z

value	0.00714
scoring_system	epss
scoring_elements	0.72327
published_at	2026-04-09T12:55:00Z

value	0.00714
scoring_system	epss
scoring_elements	0.7235
published_at	2026-04-11T12:55:00Z

value	0.00714
scoring_system	epss
scoring_elements	0.72333
published_at	2026-04-12T12:55:00Z

value	0.00714
scoring_system	epss
scoring_elements	0.72321
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-9795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18506
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18506

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9788
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9788

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9796

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1690680
reference_id	1690680
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1690680

reference_url	https://security.archlinux.org/ASA-201903-11
reference_id	ASA-201903-11
reference_type
scores
url	https://security.archlinux.org/ASA-201903-11

reference_url

https://security.archlinux.org/AVG-925

reference_id

AVG-925

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-925

reference_url	https://security.gentoo.org/glsa/201904-07
reference_id	GLSA-201904-07
reference_type
scores
url	https://security.gentoo.org/glsa/201904-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-07

reference_id

mfsa2019-07

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-08

reference_id

mfsa2019-08

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-08

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-11

reference_id

mfsa2019-11

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-11

reference_url	https://access.redhat.com/errata/RHSA-2019:0622
reference_id	RHSA-2019:0622
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0622

reference_url	https://access.redhat.com/errata/RHSA-2019:0623
reference_id	RHSA-2019:0623
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0623

reference_url	https://access.redhat.com/errata/RHSA-2019:0680
reference_id	RHSA-2019:0680
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0680

reference_url	https://access.redhat.com/errata/RHSA-2019:0681
reference_id	RHSA-2019:0681
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0681

reference_url	https://access.redhat.com/errata/RHSA-2019:0966
reference_id	RHSA-2019:0966
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0966

reference_url	https://access.redhat.com/errata/RHSA-2019:1144
reference_id	RHSA-2019:1144
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1144

reference_url	https://usn.ubuntu.com/3918-1/
reference_id	USN-3918-1
reference_type
scores
url	https://usn.ubuntu.com/3918-1/

reference_url	https://usn.ubuntu.com/3918-2/
reference_id	USN-3918-2
reference_type
scores
url	https://usn.ubuntu.com/3918-2/

reference_url	https://usn.ubuntu.com/3927-1/
reference_id	USN-3927-1
reference_type
scores
url	https://usn.ubuntu.com/3927-1/

fixed_packages

url	pkg:deb/debian/firefox-esr@60.6.0esr-1?distro=trixie
purl	pkg:deb/debian/firefox-esr@60.6.0esr-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@60.6.0esr-1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie

purl pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2fqb-r5zb-a7dp

vulnerability	VCID-3kv6-c148-nkhq

vulnerability	VCID-59d3-343b-e3aw

vulnerability	VCID-5dw5-vpt8-zqbz

vulnerability	VCID-61r1-arbe-dke4

vulnerability	VCID-7jt2-zr49-7ye5

vulnerability	VCID-95et-ezmb-buau

vulnerability	VCID-9ag7-z86d-nba9

vulnerability	VCID-9nbw-7c9e-13af

vulnerability	VCID-av7u-3g4m-mugm

vulnerability	VCID-bwth-uepr-z7a3

vulnerability	VCID-cjsm-7gxr-8ygw

vulnerability	VCID-d16s-p141-qbft

vulnerability	VCID-fxjm-ywug-f3d5

vulnerability	VCID-hk2m-rbdy-nqhc

vulnerability	VCID-ma29-qa7e-9qb4

vulnerability	VCID-nge1-4cvg-zqb2

vulnerability	VCID-nyum-jpbc-abew

vulnerability	VCID-p6yz-xs58-u3gm

vulnerability	VCID-pfmd-zv8f-8bfc

vulnerability	VCID-q689-wneh-hbdq

vulnerability	VCID-q8qp-5szp-mfe8

vulnerability	VCID-qbzp-euvv-q7c7

vulnerability	VCID-ruqn-mk9t-57hb

vulnerability	VCID-tv7r-qf2c-dqbm

vulnerability	VCID-w98r-yagc-kkec

vulnerability	VCID-z6tm-b352-5uhk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1?distro=trixie

purl pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f81v-9fv8-93cd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f81v-9fv8-93cd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.9.0esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.9.0esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5dw5-vpt8-zqbz

vulnerability	VCID-9ag7-z86d-nba9

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-qbzp-euvv-q7c7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.9.0esr-1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.9.1esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.9.1esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2fqb-r5zb-a7dp

vulnerability	VCID-3kv6-c148-nkhq

vulnerability	VCID-59d3-343b-e3aw

vulnerability	VCID-61r1-arbe-dke4

vulnerability	VCID-7jt2-zr49-7ye5

vulnerability	VCID-95et-ezmb-buau

vulnerability	VCID-9nbw-7c9e-13af

vulnerability	VCID-av7u-3g4m-mugm

vulnerability	VCID-bwth-uepr-z7a3

vulnerability	VCID-cjsm-7gxr-8ygw

vulnerability	VCID-d16s-p141-qbft

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-fxjm-ywug-f3d5

vulnerability	VCID-hk2m-rbdy-nqhc

vulnerability	VCID-ma29-qa7e-9qb4

vulnerability	VCID-nge1-4cvg-zqb2

vulnerability	VCID-nyum-jpbc-abew

vulnerability	VCID-p6yz-xs58-u3gm

vulnerability	VCID-pfmd-zv8f-8bfc

vulnerability	VCID-q689-wneh-hbdq

vulnerability	VCID-q8qp-5szp-mfe8

vulnerability	VCID-ruqn-mk9t-57hb

vulnerability	VCID-tv7r-qf2c-dqbm

vulnerability	VCID-w98r-yagc-kkec

vulnerability	VCID-z6tm-b352-5uhk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.9.1esr-1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.10.0esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.10.0esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1y9d-wx59-fyh2

vulnerability	VCID-9uk1-zvat-5qc9

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-ndwm-svz7-5uen

vulnerability	VCID-zkbj-717t-j3hw

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.0esr-1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.10.1esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.10.1esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f81v-9fv8-93cd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.1esr-1%3Fdistro=trixie

aliases CVE-2019-9795

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vrvn-krwb-d3dr

url VCID-wwck-cpa8-y3c5

vulnerability_id VCID-wwck-cpa8-y3c5

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird and
    Firefox, the worst of which could lead to the execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9792.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9792.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-9792

reference_id

reference_type

scores

value	0.18866
scoring_system	epss
scoring_elements	0.95322
published_at	2026-04-29T12:55:00Z

value	0.18866
scoring_system	epss
scoring_elements	0.95309
published_at	2026-04-16T12:55:00Z

value	0.18866
scoring_system	epss
scoring_elements	0.95313
published_at	2026-04-18T12:55:00Z

value	0.18866
scoring_system	epss
scoring_elements	0.95317
published_at	2026-04-21T12:55:00Z

value	0.18866
scoring_system	epss
scoring_elements	0.95318
published_at	2026-04-24T12:55:00Z

value	0.18866
scoring_system	epss
scoring_elements	0.9532
published_at	2026-04-26T12:55:00Z

value	0.18866
scoring_system	epss
scoring_elements	0.95263
published_at	2026-04-01T12:55:00Z

value	0.18866
scoring_system	epss
scoring_elements	0.95274
published_at	2026-04-02T12:55:00Z

value	0.18866
scoring_system	epss
scoring_elements	0.95279
published_at	2026-04-04T12:55:00Z

value	0.18866
scoring_system	epss
scoring_elements	0.95284
published_at	2026-04-07T12:55:00Z

value	0.18866
scoring_system	epss
scoring_elements	0.95292
published_at	2026-04-08T12:55:00Z

value	0.18866
scoring_system	epss
scoring_elements	0.95295
published_at	2026-04-09T12:55:00Z

value	0.18866
scoring_system	epss
scoring_elements	0.953
published_at	2026-04-12T12:55:00Z

value	0.18866
scoring_system	epss
scoring_elements	0.95302
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-9792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18506
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18506

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9788
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9788

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9796

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1690677
reference_id	1690677
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1690677

reference_url	https://security.archlinux.org/ASA-201903-11
reference_id	ASA-201903-11
reference_type
scores
url	https://security.archlinux.org/ASA-201903-11

reference_url

https://security.archlinux.org/AVG-925

reference_id

AVG-925

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-925

reference_url	https://bugs.chromium.org/p/project-zero/issues/detail?id=1794
reference_id	CVE-2019-9792
reference_type	exploit
scores
url	https://bugs.chromium.org/p/project-zero/issues/detail?id=1794

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/46939.txt
reference_id	CVE-2019-9792
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/46939.txt

reference_url	https://security.gentoo.org/glsa/201904-07
reference_id	GLSA-201904-07
reference_type
scores
url	https://security.gentoo.org/glsa/201904-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-07

reference_id

mfsa2019-07

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-08

reference_id

mfsa2019-08

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-08

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-11

reference_id

mfsa2019-11

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-11

reference_url	https://access.redhat.com/errata/RHSA-2019:0622
reference_id	RHSA-2019:0622
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0622

reference_url	https://access.redhat.com/errata/RHSA-2019:0623
reference_id	RHSA-2019:0623
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0623

reference_url	https://access.redhat.com/errata/RHSA-2019:0680
reference_id	RHSA-2019:0680
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0680

reference_url	https://access.redhat.com/errata/RHSA-2019:0681
reference_id	RHSA-2019:0681
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0681

reference_url	https://access.redhat.com/errata/RHSA-2019:0966
reference_id	RHSA-2019:0966
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0966

reference_url	https://access.redhat.com/errata/RHSA-2019:1144
reference_id	RHSA-2019:1144
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1144

reference_url	https://usn.ubuntu.com/3918-1/
reference_id	USN-3918-1
reference_type
scores
url	https://usn.ubuntu.com/3918-1/

reference_url	https://usn.ubuntu.com/3918-2/
reference_id	USN-3918-2
reference_type
scores
url	https://usn.ubuntu.com/3918-2/

reference_url	https://usn.ubuntu.com/3927-1/
reference_id	USN-3927-1
reference_type
scores
url	https://usn.ubuntu.com/3927-1/

fixed_packages

url	pkg:deb/debian/firefox-esr@60.6.0esr-1?distro=trixie
purl	pkg:deb/debian/firefox-esr@60.6.0esr-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@60.6.0esr-1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie

purl pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2fqb-r5zb-a7dp

vulnerability	VCID-3kv6-c148-nkhq

vulnerability	VCID-59d3-343b-e3aw

vulnerability	VCID-5dw5-vpt8-zqbz

vulnerability	VCID-61r1-arbe-dke4

vulnerability	VCID-7jt2-zr49-7ye5

vulnerability	VCID-95et-ezmb-buau

vulnerability	VCID-9ag7-z86d-nba9

vulnerability	VCID-9nbw-7c9e-13af

vulnerability	VCID-av7u-3g4m-mugm

vulnerability	VCID-bwth-uepr-z7a3

vulnerability	VCID-cjsm-7gxr-8ygw

vulnerability	VCID-d16s-p141-qbft

vulnerability	VCID-fxjm-ywug-f3d5

vulnerability	VCID-hk2m-rbdy-nqhc

vulnerability	VCID-ma29-qa7e-9qb4

vulnerability	VCID-nge1-4cvg-zqb2

vulnerability	VCID-nyum-jpbc-abew

vulnerability	VCID-p6yz-xs58-u3gm

vulnerability	VCID-pfmd-zv8f-8bfc

vulnerability	VCID-q689-wneh-hbdq

vulnerability	VCID-q8qp-5szp-mfe8

vulnerability	VCID-qbzp-euvv-q7c7

vulnerability	VCID-ruqn-mk9t-57hb

vulnerability	VCID-tv7r-qf2c-dqbm

vulnerability	VCID-w98r-yagc-kkec

vulnerability	VCID-z6tm-b352-5uhk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1?distro=trixie

purl pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f81v-9fv8-93cd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f81v-9fv8-93cd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.9.0esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.9.0esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5dw5-vpt8-zqbz

vulnerability	VCID-9ag7-z86d-nba9

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-qbzp-euvv-q7c7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.9.0esr-1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.9.1esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.9.1esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2fqb-r5zb-a7dp

vulnerability	VCID-3kv6-c148-nkhq

vulnerability	VCID-59d3-343b-e3aw

vulnerability	VCID-61r1-arbe-dke4

vulnerability	VCID-7jt2-zr49-7ye5

vulnerability	VCID-95et-ezmb-buau

vulnerability	VCID-9nbw-7c9e-13af

vulnerability	VCID-av7u-3g4m-mugm

vulnerability	VCID-bwth-uepr-z7a3

vulnerability	VCID-cjsm-7gxr-8ygw

vulnerability	VCID-d16s-p141-qbft

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-fxjm-ywug-f3d5

vulnerability	VCID-hk2m-rbdy-nqhc

vulnerability	VCID-ma29-qa7e-9qb4

vulnerability	VCID-nge1-4cvg-zqb2

vulnerability	VCID-nyum-jpbc-abew

vulnerability	VCID-p6yz-xs58-u3gm

vulnerability	VCID-pfmd-zv8f-8bfc

vulnerability	VCID-q689-wneh-hbdq

vulnerability	VCID-q8qp-5szp-mfe8

vulnerability	VCID-ruqn-mk9t-57hb

vulnerability	VCID-tv7r-qf2c-dqbm

vulnerability	VCID-w98r-yagc-kkec

vulnerability	VCID-z6tm-b352-5uhk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.9.1esr-1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.10.0esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.10.0esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1y9d-wx59-fyh2

vulnerability	VCID-9uk1-zvat-5qc9

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-ndwm-svz7-5uen

vulnerability	VCID-zkbj-717t-j3hw

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.0esr-1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.10.1esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.10.1esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f81v-9fv8-93cd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.1esr-1%3Fdistro=trixie

aliases CVE-2019-9792

risk_score 10.0

exploitability 2.0

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wwck-cpa8-y3c5

url VCID-x4sm-zyc1-ffd4

vulnerability_id VCID-x4sm-zyc1-ffd4

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird and
    Firefox, the worst of which could lead to the execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9796.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9796.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-9796

reference_id

reference_type

scores

value	0.00714
scoring_system	epss
scoring_elements	0.72408
published_at	2026-04-29T12:55:00Z

value	0.00714
scoring_system	epss
scoring_elements	0.72363
published_at	2026-04-16T12:55:00Z

value	0.00714
scoring_system	epss
scoring_elements	0.72372
published_at	2026-04-18T12:55:00Z

value	0.00714
scoring_system	epss
scoring_elements	0.7236
published_at	2026-04-21T12:55:00Z

value	0.00714
scoring_system	epss
scoring_elements	0.72403
published_at	2026-04-24T12:55:00Z

value	0.00714
scoring_system	epss
scoring_elements	0.72412
published_at	2026-04-26T12:55:00Z

value	0.00714
scoring_system	epss
scoring_elements	0.72274
published_at	2026-04-01T12:55:00Z

value	0.00714
scoring_system	epss
scoring_elements	0.7228
published_at	2026-04-02T12:55:00Z

value	0.00714
scoring_system	epss
scoring_elements	0.72299
published_at	2026-04-04T12:55:00Z

value	0.00714
scoring_system	epss
scoring_elements	0.72276
published_at	2026-04-07T12:55:00Z

value	0.00714
scoring_system	epss
scoring_elements	0.72315
published_at	2026-04-08T12:55:00Z

value	0.00714
scoring_system	epss
scoring_elements	0.72327
published_at	2026-04-09T12:55:00Z

value	0.00714
scoring_system	epss
scoring_elements	0.7235
published_at	2026-04-11T12:55:00Z

value	0.00714
scoring_system	epss
scoring_elements	0.72333
published_at	2026-04-12T12:55:00Z

value	0.00714
scoring_system	epss
scoring_elements	0.72321
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-9796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18506
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18506

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9788
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9788

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9796

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1690681
reference_id	1690681
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1690681

reference_url	https://security.archlinux.org/ASA-201903-11
reference_id	ASA-201903-11
reference_type
scores
url	https://security.archlinux.org/ASA-201903-11

reference_url

https://security.archlinux.org/AVG-925

reference_id

AVG-925

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-925

reference_url	https://security.gentoo.org/glsa/201904-07
reference_id	GLSA-201904-07
reference_type
scores
url	https://security.gentoo.org/glsa/201904-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-07

reference_id

mfsa2019-07

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-08

reference_id

mfsa2019-08

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-08

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-11

reference_id

mfsa2019-11

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-11

reference_url	https://access.redhat.com/errata/RHSA-2019:0622
reference_id	RHSA-2019:0622
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0622

reference_url	https://access.redhat.com/errata/RHSA-2019:0623
reference_id	RHSA-2019:0623
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0623

reference_url	https://access.redhat.com/errata/RHSA-2019:0680
reference_id	RHSA-2019:0680
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0680

reference_url	https://access.redhat.com/errata/RHSA-2019:0681
reference_id	RHSA-2019:0681
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0681

reference_url	https://access.redhat.com/errata/RHSA-2019:0966
reference_id	RHSA-2019:0966
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0966

reference_url	https://access.redhat.com/errata/RHSA-2019:1144
reference_id	RHSA-2019:1144
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1144

reference_url	https://usn.ubuntu.com/3918-1/
reference_id	USN-3918-1
reference_type
scores
url	https://usn.ubuntu.com/3918-1/

reference_url	https://usn.ubuntu.com/3918-2/
reference_id	USN-3918-2
reference_type
scores
url	https://usn.ubuntu.com/3918-2/

reference_url	https://usn.ubuntu.com/3927-1/
reference_id	USN-3927-1
reference_type
scores
url	https://usn.ubuntu.com/3927-1/

fixed_packages

url	pkg:deb/debian/firefox-esr@60.6.0esr-1?distro=trixie
purl	pkg:deb/debian/firefox-esr@60.6.0esr-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@60.6.0esr-1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie

purl pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2fqb-r5zb-a7dp

vulnerability	VCID-3kv6-c148-nkhq

vulnerability	VCID-59d3-343b-e3aw

vulnerability	VCID-5dw5-vpt8-zqbz

vulnerability	VCID-61r1-arbe-dke4

vulnerability	VCID-7jt2-zr49-7ye5

vulnerability	VCID-95et-ezmb-buau

vulnerability	VCID-9ag7-z86d-nba9

vulnerability	VCID-9nbw-7c9e-13af

vulnerability	VCID-av7u-3g4m-mugm

vulnerability	VCID-bwth-uepr-z7a3

vulnerability	VCID-cjsm-7gxr-8ygw

vulnerability	VCID-d16s-p141-qbft

vulnerability	VCID-fxjm-ywug-f3d5

vulnerability	VCID-hk2m-rbdy-nqhc

vulnerability	VCID-ma29-qa7e-9qb4

vulnerability	VCID-nge1-4cvg-zqb2

vulnerability	VCID-nyum-jpbc-abew

vulnerability	VCID-p6yz-xs58-u3gm

vulnerability	VCID-pfmd-zv8f-8bfc

vulnerability	VCID-q689-wneh-hbdq

vulnerability	VCID-q8qp-5szp-mfe8

vulnerability	VCID-qbzp-euvv-q7c7

vulnerability	VCID-ruqn-mk9t-57hb

vulnerability	VCID-tv7r-qf2c-dqbm

vulnerability	VCID-w98r-yagc-kkec

vulnerability	VCID-z6tm-b352-5uhk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1?distro=trixie

purl pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f81v-9fv8-93cd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f81v-9fv8-93cd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.9.0esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.9.0esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5dw5-vpt8-zqbz

vulnerability	VCID-9ag7-z86d-nba9

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-qbzp-euvv-q7c7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.9.0esr-1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.9.1esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.9.1esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2fqb-r5zb-a7dp

vulnerability	VCID-3kv6-c148-nkhq

vulnerability	VCID-59d3-343b-e3aw

vulnerability	VCID-61r1-arbe-dke4

vulnerability	VCID-7jt2-zr49-7ye5

vulnerability	VCID-95et-ezmb-buau

vulnerability	VCID-9nbw-7c9e-13af

vulnerability	VCID-av7u-3g4m-mugm

vulnerability	VCID-bwth-uepr-z7a3

vulnerability	VCID-cjsm-7gxr-8ygw

vulnerability	VCID-d16s-p141-qbft

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-fxjm-ywug-f3d5

vulnerability	VCID-hk2m-rbdy-nqhc

vulnerability	VCID-ma29-qa7e-9qb4

vulnerability	VCID-nge1-4cvg-zqb2

vulnerability	VCID-nyum-jpbc-abew

vulnerability	VCID-p6yz-xs58-u3gm

vulnerability	VCID-pfmd-zv8f-8bfc

vulnerability	VCID-q689-wneh-hbdq

vulnerability	VCID-q8qp-5szp-mfe8

vulnerability	VCID-ruqn-mk9t-57hb

vulnerability	VCID-tv7r-qf2c-dqbm

vulnerability	VCID-w98r-yagc-kkec

vulnerability	VCID-z6tm-b352-5uhk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.9.1esr-1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.10.0esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.10.0esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1y9d-wx59-fyh2

vulnerability	VCID-9uk1-zvat-5qc9

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-ndwm-svz7-5uen

vulnerability	VCID-zkbj-717t-j3hw

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.0esr-1%3Fdistro=trixie

url pkg:deb/debian/firefox-esr@140.10.1esr-1?distro=trixie

purl pkg:deb/debian/firefox-esr@140.10.1esr-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f81v-9fv8-93cd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.1esr-1%3Fdistro=trixie

aliases CVE-2019-9796

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x4sm-zyc1-ffd4

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@60.6.0esr-1%3Fdistro=trixie

Package Instance