Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/922267?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/922267?format=api", "purl": "pkg:deb/debian/firefox-esr@128.6.0esr-1~deb11u3?distro=trixie", "type": "deb", "namespace": "debian", "name": "firefox-esr", "version": "128.6.0esr-1~deb11u3", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "128.6.0esr-1~deb12u1", "latest_non_vulnerable_version": "140.10.1esr-1~deb13u1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42004?format=api", "vulnerability_id": "VCID-4zjw-4gjw-pqh1", "summary": "Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0242.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0242.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0242", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02414", "scoring_system": "epss", "scoring_elements": "0.85216", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.02414", "scoring_system": "epss", "scoring_elements": "0.85152", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02414", "scoring_system": "epss", "scoring_elements": "0.85161", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.02414", "scoring_system": "epss", "scoring_elements": "0.85158", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.02414", "scoring_system": "epss", "scoring_elements": "0.85172", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.02414", "scoring_system": "epss", "scoring_elements": "0.85197", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.02414", "scoring_system": "epss", "scoring_elements": "0.85129", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02914", "scoring_system": "epss", "scoring_elements": "0.86385", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02914", "scoring_system": "epss", "scoring_elements": "0.86324", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02914", "scoring_system": "epss", "scoring_elements": "0.86394", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02914", "scoring_system": "epss", "scoring_elements": "0.86377", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02914", "scoring_system": "epss", "scoring_elements": "0.86342", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02914", "scoring_system": "epss", "scoring_elements": "0.86343", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02914", "scoring_system": "epss", "scoring_elements": "0.86362", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02914", "scoring_system": "epss", "scoring_elements": "0.86371", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02914", "scoring_system": "epss", "scoring_elements": "0.86383", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02914", "scoring_system": "epss", "scoring_elements": "0.86399", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0242" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0242", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0242" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336181", "reference_id": "2336181", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336181" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1874523%2C1926454%2C1931873%2C1932169", "reference_id": "buglist.cgi?bug_id=1874523%2C1926454%2C1931873%2C1932169", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:40:52Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1874523%2C1926454%2C1931873%2C1932169" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202509-02", "reference_id": "GLSA-202509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01", "reference_id": "mfsa2025-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-01/", "reference_id": "mfsa2025-01", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:40:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-02", "reference_id": "mfsa2025-02", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-02" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-02/", "reference_id": "mfsa2025-02", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:40:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-02/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-03", "reference_id": "mfsa2025-03", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-03" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-03/", "reference_id": "mfsa2025-03", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:40:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-03/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-04", "reference_id": "mfsa2025-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-04/", "reference_id": "mfsa2025-04", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:40:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-04/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-05", "reference_id": "mfsa2025-05", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-05/", "reference_id": "mfsa2025-05", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:40:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-05/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0080", "reference_id": "RHSA-2025:0080", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0080" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0132", "reference_id": "RHSA-2025:0132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0133", "reference_id": "RHSA-2025:0133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0134", "reference_id": "RHSA-2025:0134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0135", "reference_id": "RHSA-2025:0135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0136", "reference_id": "RHSA-2025:0136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0137", "reference_id": "RHSA-2025:0137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0138", "reference_id": "RHSA-2025:0138", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0138" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0144", "reference_id": "RHSA-2025:0144", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0144" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0147", "reference_id": "RHSA-2025:0147", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0147" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0162", "reference_id": "RHSA-2025:0162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0165", "reference_id": "RHSA-2025:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0166", "reference_id": "RHSA-2025:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0167", "reference_id": "RHSA-2025:0167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0275", "reference_id": "RHSA-2025:0275", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0275" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0281", "reference_id": "RHSA-2025:0281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0284", "reference_id": "RHSA-2025:0284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0286", "reference_id": "RHSA-2025:0286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0287", "reference_id": "RHSA-2025:0287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0287" }, { "reference_url": "https://usn.ubuntu.com/7191-1/", "reference_id": "USN-7191-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7191-1/" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582079?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fqb-r5zb-a7dp" }, { "vulnerability": "VCID-3a6f-173h-fqbz" }, { "vulnerability": "VCID-3kv6-c148-nkhq" }, { "vulnerability": "VCID-4e49-6tg2-e7d9" }, { "vulnerability": "VCID-59d3-343b-e3aw" }, { "vulnerability": "VCID-5dw5-vpt8-zqbz" }, { "vulnerability": "VCID-61r1-arbe-dke4" }, { "vulnerability": "VCID-7jt2-zr49-7ye5" }, { "vulnerability": "VCID-95et-ezmb-buau" }, { "vulnerability": "VCID-9ag7-z86d-nba9" }, { "vulnerability": "VCID-9nbw-7c9e-13af" }, { "vulnerability": "VCID-av7u-3g4m-mugm" }, { "vulnerability": "VCID-bwth-uepr-z7a3" }, { "vulnerability": "VCID-cjsm-7gxr-8ygw" }, { "vulnerability": "VCID-d16s-p141-qbft" }, { "vulnerability": "VCID-fxjm-ywug-f3d5" }, { "vulnerability": "VCID-hk2m-rbdy-nqhc" }, { "vulnerability": "VCID-ma29-qa7e-9qb4" }, { "vulnerability": "VCID-nge1-4cvg-zqb2" }, { "vulnerability": "VCID-nyum-jpbc-abew" }, { "vulnerability": "VCID-p6yz-xs58-u3gm" }, { "vulnerability": "VCID-pfmd-zv8f-8bfc" }, { "vulnerability": "VCID-pszh-x9gd-xyg4" }, { "vulnerability": "VCID-q689-wneh-hbdq" }, { "vulnerability": "VCID-q8qp-5szp-mfe8" }, { "vulnerability": "VCID-qbzp-euvv-q7c7" }, { "vulnerability": "VCID-ruqn-mk9t-57hb" }, { "vulnerability": "VCID-tv7r-qf2c-dqbm" }, { "vulnerability": "VCID-ufku-v5vq-4yef" }, { "vulnerability": "VCID-w98r-yagc-kkec" }, { "vulnerability": "VCID-z6tm-b352-5uhk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/922267?format=api", "purl": "pkg:deb/debian/firefox-esr@128.6.0esr-1~deb11u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.6.0esr-1~deb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/922266?format=api", "purl": "pkg:deb/debian/firefox-esr@128.6.0esr-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.6.0esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/922268?format=api", "purl": "pkg:deb/debian/firefox-esr@128.6.0esr-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.6.0esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582080?format=api", "purl": "pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3a6f-173h-fqbz" }, { "vulnerability": "VCID-4e49-6tg2-e7d9" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-pszh-x9gd-xyg4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582081?format=api", "purl": "pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3a6f-173h-fqbz" }, { "vulnerability": "VCID-4e49-6tg2-e7d9" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-pszh-x9gd-xyg4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582082?format=api", "purl": "pkg:deb/debian/firefox-esr@140.9.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5dw5-vpt8-zqbz" }, { "vulnerability": "VCID-9ag7-z86d-nba9" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-qbzp-euvv-q7c7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.9.0esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059612?format=api", "purl": "pkg:deb/debian/firefox-esr@140.9.1esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fqb-r5zb-a7dp" }, { "vulnerability": "VCID-3kv6-c148-nkhq" }, { "vulnerability": "VCID-59d3-343b-e3aw" }, { "vulnerability": "VCID-61r1-arbe-dke4" }, { "vulnerability": "VCID-7jt2-zr49-7ye5" }, { "vulnerability": "VCID-95et-ezmb-buau" }, { "vulnerability": "VCID-9nbw-7c9e-13af" }, { "vulnerability": "VCID-av7u-3g4m-mugm" }, { "vulnerability": "VCID-bwth-uepr-z7a3" }, { "vulnerability": "VCID-cjsm-7gxr-8ygw" }, { "vulnerability": "VCID-d16s-p141-qbft" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-fxjm-ywug-f3d5" }, { "vulnerability": "VCID-hk2m-rbdy-nqhc" }, { "vulnerability": "VCID-ma29-qa7e-9qb4" }, { "vulnerability": "VCID-nge1-4cvg-zqb2" }, { "vulnerability": "VCID-nyum-jpbc-abew" }, { "vulnerability": "VCID-p6yz-xs58-u3gm" }, { "vulnerability": "VCID-pfmd-zv8f-8bfc" }, { "vulnerability": "VCID-q689-wneh-hbdq" }, { "vulnerability": "VCID-q8qp-5szp-mfe8" }, { "vulnerability": "VCID-ruqn-mk9t-57hb" }, { "vulnerability": "VCID-tv7r-qf2c-dqbm" }, { "vulnerability": "VCID-w98r-yagc-kkec" }, { "vulnerability": "VCID-z6tm-b352-5uhk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.9.1esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076057?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1y9d-wx59-fyh2" }, { "vulnerability": "VCID-9uk1-zvat-5qc9" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-ndwm-svz7-5uen" }, { "vulnerability": "VCID-zkbj-717t-j3hw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.0esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088671?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.1esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3a6f-173h-fqbz" }, { "vulnerability": "VCID-4e49-6tg2-e7d9" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-pszh-x9gd-xyg4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.1esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1105249?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-f81v-9fv8-93cd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-0242" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4zjw-4gjw-pqh1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42001?format=api", "vulnerability_id": "VCID-f1zm-g4es-vfbz", "summary": "Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0239.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0239.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0239", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08658", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08677", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08596", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.0867", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08694", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08671", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08546", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08626", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08823", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08735", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08593", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08656", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08654", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08702", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08687", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08534", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0239" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0239", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0239" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336170", "reference_id": "2336170", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336170" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202509-02", "reference_id": "GLSA-202509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01", "reference_id": "mfsa2025-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-01/", "reference_id": "mfsa2025-01", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:33:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-02", "reference_id": "mfsa2025-02", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-02" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-02/", "reference_id": "mfsa2025-02", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:33:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-02/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-04", "reference_id": "mfsa2025-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-04/", "reference_id": "mfsa2025-04", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:33:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-04/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-05", "reference_id": "mfsa2025-05", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-05/", "reference_id": "mfsa2025-05", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:33:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-05/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0080", "reference_id": "RHSA-2025:0080", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0080" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0132", "reference_id": "RHSA-2025:0132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0133", "reference_id": "RHSA-2025:0133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0134", "reference_id": "RHSA-2025:0134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0135", "reference_id": "RHSA-2025:0135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0136", "reference_id": "RHSA-2025:0136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0137", "reference_id": "RHSA-2025:0137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0138", "reference_id": "RHSA-2025:0138", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0138" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0144", "reference_id": "RHSA-2025:0144", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0144" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0147", "reference_id": "RHSA-2025:0147", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0147" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0162", "reference_id": "RHSA-2025:0162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0165", "reference_id": "RHSA-2025:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0166", "reference_id": "RHSA-2025:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0167", "reference_id": "RHSA-2025:0167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0275", "reference_id": "RHSA-2025:0275", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0275" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0281", "reference_id": "RHSA-2025:0281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0284", "reference_id": "RHSA-2025:0284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0286", "reference_id": "RHSA-2025:0286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0287", "reference_id": "RHSA-2025:0287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0287" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1929156", "reference_id": "show_bug.cgi?id=1929156", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:33:42Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1929156" }, { "reference_url": "https://usn.ubuntu.com/7191-1/", "reference_id": "USN-7191-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7191-1/" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582079?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fqb-r5zb-a7dp" }, { "vulnerability": "VCID-3a6f-173h-fqbz" }, { "vulnerability": "VCID-3kv6-c148-nkhq" }, { "vulnerability": "VCID-4e49-6tg2-e7d9" }, { "vulnerability": "VCID-59d3-343b-e3aw" }, { "vulnerability": "VCID-5dw5-vpt8-zqbz" }, { "vulnerability": "VCID-61r1-arbe-dke4" }, { "vulnerability": "VCID-7jt2-zr49-7ye5" }, { "vulnerability": "VCID-95et-ezmb-buau" }, { "vulnerability": "VCID-9ag7-z86d-nba9" }, { "vulnerability": "VCID-9nbw-7c9e-13af" }, { "vulnerability": "VCID-av7u-3g4m-mugm" }, { "vulnerability": "VCID-bwth-uepr-z7a3" }, { "vulnerability": "VCID-cjsm-7gxr-8ygw" }, { "vulnerability": "VCID-d16s-p141-qbft" }, { "vulnerability": "VCID-fxjm-ywug-f3d5" }, { "vulnerability": "VCID-hk2m-rbdy-nqhc" }, { "vulnerability": "VCID-ma29-qa7e-9qb4" }, { "vulnerability": "VCID-nge1-4cvg-zqb2" }, { "vulnerability": "VCID-nyum-jpbc-abew" }, { "vulnerability": "VCID-p6yz-xs58-u3gm" }, { "vulnerability": "VCID-pfmd-zv8f-8bfc" }, { "vulnerability": "VCID-pszh-x9gd-xyg4" }, { "vulnerability": "VCID-q689-wneh-hbdq" }, { "vulnerability": "VCID-q8qp-5szp-mfe8" }, { "vulnerability": "VCID-qbzp-euvv-q7c7" }, { "vulnerability": "VCID-ruqn-mk9t-57hb" }, { "vulnerability": "VCID-tv7r-qf2c-dqbm" }, { "vulnerability": "VCID-ufku-v5vq-4yef" }, { "vulnerability": "VCID-w98r-yagc-kkec" }, { "vulnerability": "VCID-z6tm-b352-5uhk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/922267?format=api", "purl": "pkg:deb/debian/firefox-esr@128.6.0esr-1~deb11u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.6.0esr-1~deb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/922266?format=api", "purl": "pkg:deb/debian/firefox-esr@128.6.0esr-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.6.0esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/922268?format=api", "purl": "pkg:deb/debian/firefox-esr@128.6.0esr-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.6.0esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582080?format=api", "purl": "pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3a6f-173h-fqbz" }, { "vulnerability": "VCID-4e49-6tg2-e7d9" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-pszh-x9gd-xyg4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582081?format=api", "purl": "pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3a6f-173h-fqbz" }, { "vulnerability": "VCID-4e49-6tg2-e7d9" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-pszh-x9gd-xyg4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582082?format=api", "purl": "pkg:deb/debian/firefox-esr@140.9.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5dw5-vpt8-zqbz" }, { "vulnerability": "VCID-9ag7-z86d-nba9" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-qbzp-euvv-q7c7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.9.0esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059612?format=api", "purl": "pkg:deb/debian/firefox-esr@140.9.1esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fqb-r5zb-a7dp" }, { "vulnerability": "VCID-3kv6-c148-nkhq" }, { "vulnerability": "VCID-59d3-343b-e3aw" }, { "vulnerability": "VCID-61r1-arbe-dke4" }, { "vulnerability": "VCID-7jt2-zr49-7ye5" }, { "vulnerability": "VCID-95et-ezmb-buau" }, { "vulnerability": "VCID-9nbw-7c9e-13af" }, { "vulnerability": "VCID-av7u-3g4m-mugm" }, { "vulnerability": "VCID-bwth-uepr-z7a3" }, { "vulnerability": "VCID-cjsm-7gxr-8ygw" }, { "vulnerability": "VCID-d16s-p141-qbft" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-fxjm-ywug-f3d5" }, { "vulnerability": "VCID-hk2m-rbdy-nqhc" }, { "vulnerability": "VCID-ma29-qa7e-9qb4" }, { "vulnerability": "VCID-nge1-4cvg-zqb2" }, { "vulnerability": "VCID-nyum-jpbc-abew" }, { "vulnerability": "VCID-p6yz-xs58-u3gm" }, { "vulnerability": "VCID-pfmd-zv8f-8bfc" }, { "vulnerability": "VCID-q689-wneh-hbdq" }, { "vulnerability": "VCID-q8qp-5szp-mfe8" }, { "vulnerability": "VCID-ruqn-mk9t-57hb" }, { "vulnerability": "VCID-tv7r-qf2c-dqbm" }, { "vulnerability": "VCID-w98r-yagc-kkec" }, { "vulnerability": "VCID-z6tm-b352-5uhk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.9.1esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076057?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1y9d-wx59-fyh2" }, { "vulnerability": "VCID-9uk1-zvat-5qc9" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-ndwm-svz7-5uen" }, { "vulnerability": "VCID-zkbj-717t-j3hw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.0esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088671?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.1esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3a6f-173h-fqbz" }, { "vulnerability": "VCID-4e49-6tg2-e7d9" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-pszh-x9gd-xyg4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.1esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1105249?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-f81v-9fv8-93cd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-0239" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f1zm-g4es-vfbz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42000?format=api", "vulnerability_id": "VCID-j5k8-ztxb-uffb", "summary": "Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0238.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0238.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0238", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30041", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30305", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.3019", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30109", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.29969", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30049", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30485", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32112", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32165", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32076", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32042", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32204", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32027", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32078", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32108", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32073", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32053", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0238" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0238", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0238" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336165", "reference_id": "2336165", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336165" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202509-02", "reference_id": "GLSA-202509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01", "reference_id": "mfsa2025-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-01/", "reference_id": "mfsa2025-01", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:24:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-02", "reference_id": "mfsa2025-02", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-02" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-02/", "reference_id": "mfsa2025-02", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:24:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-02/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-03", "reference_id": "mfsa2025-03", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-03" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-03/", "reference_id": "mfsa2025-03", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:24:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-03/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-04", "reference_id": "mfsa2025-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-04/", "reference_id": "mfsa2025-04", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:24:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-04/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-05", "reference_id": "mfsa2025-05", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-05/", "reference_id": "mfsa2025-05", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:24:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-05/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0080", "reference_id": "RHSA-2025:0080", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0080" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0132", "reference_id": "RHSA-2025:0132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0133", "reference_id": "RHSA-2025:0133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0134", "reference_id": "RHSA-2025:0134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0135", "reference_id": "RHSA-2025:0135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0136", "reference_id": "RHSA-2025:0136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0137", "reference_id": "RHSA-2025:0137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0138", "reference_id": "RHSA-2025:0138", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0138" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0144", "reference_id": "RHSA-2025:0144", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0144" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0147", "reference_id": "RHSA-2025:0147", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0147" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0162", "reference_id": "RHSA-2025:0162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0165", "reference_id": "RHSA-2025:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0166", "reference_id": "RHSA-2025:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0167", "reference_id": "RHSA-2025:0167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0275", "reference_id": "RHSA-2025:0275", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0275" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0281", "reference_id": "RHSA-2025:0281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0284", "reference_id": "RHSA-2025:0284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0286", "reference_id": "RHSA-2025:0286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0287", "reference_id": "RHSA-2025:0287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0287" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1915535", "reference_id": "show_bug.cgi?id=1915535", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:24:00Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1915535" }, { "reference_url": "https://usn.ubuntu.com/7191-1/", "reference_id": "USN-7191-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7191-1/" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582079?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fqb-r5zb-a7dp" }, { "vulnerability": "VCID-3a6f-173h-fqbz" }, { "vulnerability": "VCID-3kv6-c148-nkhq" }, { "vulnerability": "VCID-4e49-6tg2-e7d9" }, { "vulnerability": "VCID-59d3-343b-e3aw" }, { "vulnerability": "VCID-5dw5-vpt8-zqbz" }, { "vulnerability": "VCID-61r1-arbe-dke4" }, { "vulnerability": "VCID-7jt2-zr49-7ye5" }, { "vulnerability": "VCID-95et-ezmb-buau" }, { "vulnerability": "VCID-9ag7-z86d-nba9" }, { "vulnerability": "VCID-9nbw-7c9e-13af" }, { "vulnerability": "VCID-av7u-3g4m-mugm" }, { "vulnerability": "VCID-bwth-uepr-z7a3" }, { "vulnerability": "VCID-cjsm-7gxr-8ygw" }, { "vulnerability": "VCID-d16s-p141-qbft" }, { "vulnerability": "VCID-fxjm-ywug-f3d5" }, { "vulnerability": "VCID-hk2m-rbdy-nqhc" }, { "vulnerability": "VCID-ma29-qa7e-9qb4" }, { "vulnerability": "VCID-nge1-4cvg-zqb2" }, { "vulnerability": "VCID-nyum-jpbc-abew" }, { "vulnerability": "VCID-p6yz-xs58-u3gm" }, { "vulnerability": "VCID-pfmd-zv8f-8bfc" }, { "vulnerability": "VCID-pszh-x9gd-xyg4" }, { "vulnerability": "VCID-q689-wneh-hbdq" }, { "vulnerability": "VCID-q8qp-5szp-mfe8" }, { "vulnerability": "VCID-qbzp-euvv-q7c7" }, { "vulnerability": "VCID-ruqn-mk9t-57hb" }, { "vulnerability": "VCID-tv7r-qf2c-dqbm" }, { "vulnerability": "VCID-ufku-v5vq-4yef" }, { "vulnerability": "VCID-w98r-yagc-kkec" }, { "vulnerability": "VCID-z6tm-b352-5uhk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/922267?format=api", "purl": "pkg:deb/debian/firefox-esr@128.6.0esr-1~deb11u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.6.0esr-1~deb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/922266?format=api", "purl": "pkg:deb/debian/firefox-esr@128.6.0esr-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.6.0esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/922268?format=api", "purl": "pkg:deb/debian/firefox-esr@128.6.0esr-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.6.0esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582080?format=api", "purl": "pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3a6f-173h-fqbz" }, { "vulnerability": "VCID-4e49-6tg2-e7d9" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-pszh-x9gd-xyg4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582081?format=api", "purl": "pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3a6f-173h-fqbz" }, { "vulnerability": "VCID-4e49-6tg2-e7d9" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-pszh-x9gd-xyg4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582082?format=api", "purl": "pkg:deb/debian/firefox-esr@140.9.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5dw5-vpt8-zqbz" }, { "vulnerability": "VCID-9ag7-z86d-nba9" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-qbzp-euvv-q7c7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.9.0esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059612?format=api", "purl": "pkg:deb/debian/firefox-esr@140.9.1esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fqb-r5zb-a7dp" }, { "vulnerability": "VCID-3kv6-c148-nkhq" }, { "vulnerability": "VCID-59d3-343b-e3aw" }, { "vulnerability": "VCID-61r1-arbe-dke4" }, { "vulnerability": "VCID-7jt2-zr49-7ye5" }, { "vulnerability": "VCID-95et-ezmb-buau" }, { "vulnerability": "VCID-9nbw-7c9e-13af" }, { "vulnerability": "VCID-av7u-3g4m-mugm" }, { "vulnerability": "VCID-bwth-uepr-z7a3" }, { "vulnerability": "VCID-cjsm-7gxr-8ygw" }, { "vulnerability": "VCID-d16s-p141-qbft" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-fxjm-ywug-f3d5" }, { "vulnerability": "VCID-hk2m-rbdy-nqhc" }, { "vulnerability": "VCID-ma29-qa7e-9qb4" }, { "vulnerability": "VCID-nge1-4cvg-zqb2" }, { "vulnerability": "VCID-nyum-jpbc-abew" }, { "vulnerability": "VCID-p6yz-xs58-u3gm" }, { "vulnerability": "VCID-pfmd-zv8f-8bfc" }, { "vulnerability": "VCID-q689-wneh-hbdq" }, { "vulnerability": "VCID-q8qp-5szp-mfe8" }, { "vulnerability": "VCID-ruqn-mk9t-57hb" }, { "vulnerability": "VCID-tv7r-qf2c-dqbm" }, { "vulnerability": "VCID-w98r-yagc-kkec" }, { "vulnerability": "VCID-z6tm-b352-5uhk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.9.1esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076057?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1y9d-wx59-fyh2" }, { "vulnerability": "VCID-9uk1-zvat-5qc9" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-ndwm-svz7-5uen" }, { "vulnerability": "VCID-zkbj-717t-j3hw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.0esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088671?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.1esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3a6f-173h-fqbz" }, { "vulnerability": "VCID-4e49-6tg2-e7d9" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-pszh-x9gd-xyg4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.1esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1105249?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-f81v-9fv8-93cd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-0238" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j5k8-ztxb-uffb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42003?format=api", "vulnerability_id": "VCID-qtcm-9z3v-dydn", "summary": "Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0241.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0241.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0241", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22245", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22335", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22417", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22472", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22491", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.2245", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22396", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22413", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22411", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22361", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22212", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22199", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22191", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22086", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22166", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22504", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22547", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0241" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0241", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0241" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336168", "reference_id": "2336168", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336168" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202509-02", "reference_id": "GLSA-202509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01", "reference_id": "mfsa2025-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-01/", "reference_id": "mfsa2025-01", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-08T17:27:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-02", "reference_id": "mfsa2025-02", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-02" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-02/", "reference_id": "mfsa2025-02", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-08T17:27:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-02/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-04", "reference_id": "mfsa2025-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-04/", "reference_id": "mfsa2025-04", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-08T17:27:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-04/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-05", "reference_id": "mfsa2025-05", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-05/", "reference_id": "mfsa2025-05", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-08T17:27:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-05/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0080", "reference_id": "RHSA-2025:0080", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0080" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0132", "reference_id": "RHSA-2025:0132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0133", "reference_id": "RHSA-2025:0133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0134", "reference_id": "RHSA-2025:0134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0135", "reference_id": "RHSA-2025:0135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0136", "reference_id": "RHSA-2025:0136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0137", "reference_id": "RHSA-2025:0137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0138", "reference_id": "RHSA-2025:0138", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0138" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0144", "reference_id": "RHSA-2025:0144", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0144" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0147", "reference_id": "RHSA-2025:0147", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0147" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0162", "reference_id": "RHSA-2025:0162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0165", "reference_id": "RHSA-2025:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0166", "reference_id": "RHSA-2025:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0167", "reference_id": "RHSA-2025:0167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0275", "reference_id": "RHSA-2025:0275", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0275" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0281", "reference_id": "RHSA-2025:0281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0284", "reference_id": "RHSA-2025:0284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0286", "reference_id": "RHSA-2025:0286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0287", "reference_id": "RHSA-2025:0287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0287" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1933023", "reference_id": "show_bug.cgi?id=1933023", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-08T17:27:29Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1933023" }, { "reference_url": "https://usn.ubuntu.com/7191-1/", "reference_id": "USN-7191-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7191-1/" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582079?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fqb-r5zb-a7dp" }, { "vulnerability": "VCID-3a6f-173h-fqbz" }, { "vulnerability": "VCID-3kv6-c148-nkhq" }, { "vulnerability": "VCID-4e49-6tg2-e7d9" }, { "vulnerability": "VCID-59d3-343b-e3aw" }, { "vulnerability": "VCID-5dw5-vpt8-zqbz" }, { "vulnerability": "VCID-61r1-arbe-dke4" }, { "vulnerability": "VCID-7jt2-zr49-7ye5" }, { "vulnerability": "VCID-95et-ezmb-buau" }, { "vulnerability": "VCID-9ag7-z86d-nba9" }, { "vulnerability": "VCID-9nbw-7c9e-13af" }, { "vulnerability": "VCID-av7u-3g4m-mugm" }, { "vulnerability": "VCID-bwth-uepr-z7a3" }, { "vulnerability": "VCID-cjsm-7gxr-8ygw" }, { "vulnerability": "VCID-d16s-p141-qbft" }, { "vulnerability": "VCID-fxjm-ywug-f3d5" }, { "vulnerability": "VCID-hk2m-rbdy-nqhc" }, { "vulnerability": "VCID-ma29-qa7e-9qb4" }, { "vulnerability": "VCID-nge1-4cvg-zqb2" }, { "vulnerability": "VCID-nyum-jpbc-abew" }, { "vulnerability": "VCID-p6yz-xs58-u3gm" }, { "vulnerability": "VCID-pfmd-zv8f-8bfc" }, { "vulnerability": "VCID-pszh-x9gd-xyg4" }, { "vulnerability": "VCID-q689-wneh-hbdq" }, { "vulnerability": "VCID-q8qp-5szp-mfe8" }, { "vulnerability": "VCID-qbzp-euvv-q7c7" }, { "vulnerability": "VCID-ruqn-mk9t-57hb" }, { "vulnerability": "VCID-tv7r-qf2c-dqbm" }, { "vulnerability": "VCID-ufku-v5vq-4yef" }, { "vulnerability": "VCID-w98r-yagc-kkec" }, { "vulnerability": "VCID-z6tm-b352-5uhk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/922267?format=api", "purl": "pkg:deb/debian/firefox-esr@128.6.0esr-1~deb11u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.6.0esr-1~deb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/922266?format=api", "purl": "pkg:deb/debian/firefox-esr@128.6.0esr-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.6.0esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/922268?format=api", "purl": "pkg:deb/debian/firefox-esr@128.6.0esr-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.6.0esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582080?format=api", "purl": "pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3a6f-173h-fqbz" }, { "vulnerability": "VCID-4e49-6tg2-e7d9" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-pszh-x9gd-xyg4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582081?format=api", "purl": "pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3a6f-173h-fqbz" }, { "vulnerability": "VCID-4e49-6tg2-e7d9" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-pszh-x9gd-xyg4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582082?format=api", "purl": "pkg:deb/debian/firefox-esr@140.9.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5dw5-vpt8-zqbz" }, { "vulnerability": "VCID-9ag7-z86d-nba9" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-qbzp-euvv-q7c7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.9.0esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059612?format=api", "purl": "pkg:deb/debian/firefox-esr@140.9.1esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fqb-r5zb-a7dp" }, { "vulnerability": "VCID-3kv6-c148-nkhq" }, { "vulnerability": "VCID-59d3-343b-e3aw" }, { "vulnerability": "VCID-61r1-arbe-dke4" }, { "vulnerability": "VCID-7jt2-zr49-7ye5" }, { "vulnerability": "VCID-95et-ezmb-buau" }, { "vulnerability": "VCID-9nbw-7c9e-13af" }, { "vulnerability": "VCID-av7u-3g4m-mugm" }, { "vulnerability": "VCID-bwth-uepr-z7a3" }, { "vulnerability": "VCID-cjsm-7gxr-8ygw" }, { "vulnerability": "VCID-d16s-p141-qbft" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-fxjm-ywug-f3d5" }, { "vulnerability": "VCID-hk2m-rbdy-nqhc" }, { "vulnerability": "VCID-ma29-qa7e-9qb4" }, { "vulnerability": "VCID-nge1-4cvg-zqb2" }, { "vulnerability": "VCID-nyum-jpbc-abew" }, { "vulnerability": "VCID-p6yz-xs58-u3gm" }, { "vulnerability": "VCID-pfmd-zv8f-8bfc" }, { "vulnerability": "VCID-q689-wneh-hbdq" }, { "vulnerability": "VCID-q8qp-5szp-mfe8" }, { "vulnerability": "VCID-ruqn-mk9t-57hb" }, { "vulnerability": "VCID-tv7r-qf2c-dqbm" }, { "vulnerability": "VCID-w98r-yagc-kkec" }, { "vulnerability": "VCID-z6tm-b352-5uhk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.9.1esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076057?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1y9d-wx59-fyh2" }, { "vulnerability": "VCID-9uk1-zvat-5qc9" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-ndwm-svz7-5uen" }, { "vulnerability": "VCID-zkbj-717t-j3hw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.0esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088671?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.1esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3a6f-173h-fqbz" }, { "vulnerability": "VCID-4e49-6tg2-e7d9" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-pszh-x9gd-xyg4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.1esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1105249?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-f81v-9fv8-93cd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-0241" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qtcm-9z3v-dydn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41999?format=api", "vulnerability_id": "VCID-r7ss-g876-c7fg", "summary": "Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0237.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0237.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0237", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28036", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30879", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30399", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30391", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30859", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.31026", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30845", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30903", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30933", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30935", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30893", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30848", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30979", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.312", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.30998", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.30845", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31076", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0237" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0237", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0237" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336182", "reference_id": "2336182", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336182" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202509-02", "reference_id": "GLSA-202509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01", "reference_id": "mfsa2025-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-01/", "reference_id": "mfsa2025-01", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T15:57:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-02", "reference_id": "mfsa2025-02", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-02" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-02/", "reference_id": "mfsa2025-02", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T15:57:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-02/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-04", "reference_id": "mfsa2025-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-04/", "reference_id": "mfsa2025-04", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T15:57:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-04/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-05", "reference_id": "mfsa2025-05", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-05/", "reference_id": "mfsa2025-05", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T15:57:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-05/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0080", "reference_id": "RHSA-2025:0080", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0080" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0132", "reference_id": "RHSA-2025:0132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0133", "reference_id": "RHSA-2025:0133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0134", "reference_id": "RHSA-2025:0134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0135", "reference_id": "RHSA-2025:0135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0136", "reference_id": "RHSA-2025:0136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0137", "reference_id": "RHSA-2025:0137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0138", "reference_id": "RHSA-2025:0138", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0138" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0144", "reference_id": "RHSA-2025:0144", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0144" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0147", "reference_id": "RHSA-2025:0147", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0147" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0162", "reference_id": "RHSA-2025:0162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0165", "reference_id": "RHSA-2025:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0166", "reference_id": "RHSA-2025:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0167", "reference_id": "RHSA-2025:0167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0275", "reference_id": "RHSA-2025:0275", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0275" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0281", "reference_id": "RHSA-2025:0281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0284", "reference_id": "RHSA-2025:0284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0286", "reference_id": "RHSA-2025:0286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0287", "reference_id": "RHSA-2025:0287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0287" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1915257", "reference_id": "show_bug.cgi?id=1915257", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T15:57:56Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1915257" }, { "reference_url": "https://usn.ubuntu.com/7191-1/", "reference_id": "USN-7191-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7191-1/" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582079?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fqb-r5zb-a7dp" }, { "vulnerability": "VCID-3a6f-173h-fqbz" }, { "vulnerability": "VCID-3kv6-c148-nkhq" }, { "vulnerability": "VCID-4e49-6tg2-e7d9" }, { "vulnerability": "VCID-59d3-343b-e3aw" }, { "vulnerability": "VCID-5dw5-vpt8-zqbz" }, { "vulnerability": "VCID-61r1-arbe-dke4" }, { "vulnerability": "VCID-7jt2-zr49-7ye5" }, { "vulnerability": "VCID-95et-ezmb-buau" }, { "vulnerability": "VCID-9ag7-z86d-nba9" }, { "vulnerability": "VCID-9nbw-7c9e-13af" }, { "vulnerability": "VCID-av7u-3g4m-mugm" }, { "vulnerability": "VCID-bwth-uepr-z7a3" }, { "vulnerability": "VCID-cjsm-7gxr-8ygw" }, { "vulnerability": "VCID-d16s-p141-qbft" }, { "vulnerability": "VCID-fxjm-ywug-f3d5" }, { "vulnerability": "VCID-hk2m-rbdy-nqhc" }, { "vulnerability": "VCID-ma29-qa7e-9qb4" }, { "vulnerability": "VCID-nge1-4cvg-zqb2" }, { "vulnerability": "VCID-nyum-jpbc-abew" }, { "vulnerability": "VCID-p6yz-xs58-u3gm" }, { "vulnerability": "VCID-pfmd-zv8f-8bfc" }, { "vulnerability": "VCID-pszh-x9gd-xyg4" }, { "vulnerability": "VCID-q689-wneh-hbdq" }, { "vulnerability": "VCID-q8qp-5szp-mfe8" }, { "vulnerability": "VCID-qbzp-euvv-q7c7" }, { "vulnerability": "VCID-ruqn-mk9t-57hb" }, { "vulnerability": "VCID-tv7r-qf2c-dqbm" }, { "vulnerability": "VCID-ufku-v5vq-4yef" }, { "vulnerability": "VCID-w98r-yagc-kkec" }, { "vulnerability": "VCID-z6tm-b352-5uhk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/922267?format=api", "purl": "pkg:deb/debian/firefox-esr@128.6.0esr-1~deb11u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.6.0esr-1~deb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/922266?format=api", "purl": "pkg:deb/debian/firefox-esr@128.6.0esr-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.6.0esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/922268?format=api", "purl": "pkg:deb/debian/firefox-esr@128.6.0esr-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.6.0esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582080?format=api", "purl": "pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3a6f-173h-fqbz" }, { "vulnerability": "VCID-4e49-6tg2-e7d9" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-pszh-x9gd-xyg4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582081?format=api", "purl": "pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3a6f-173h-fqbz" }, { "vulnerability": "VCID-4e49-6tg2-e7d9" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-pszh-x9gd-xyg4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582082?format=api", "purl": "pkg:deb/debian/firefox-esr@140.9.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5dw5-vpt8-zqbz" }, { "vulnerability": "VCID-9ag7-z86d-nba9" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-qbzp-euvv-q7c7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.9.0esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059612?format=api", "purl": "pkg:deb/debian/firefox-esr@140.9.1esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fqb-r5zb-a7dp" }, { "vulnerability": "VCID-3kv6-c148-nkhq" }, { "vulnerability": "VCID-59d3-343b-e3aw" }, { "vulnerability": "VCID-61r1-arbe-dke4" }, { "vulnerability": "VCID-7jt2-zr49-7ye5" }, { "vulnerability": "VCID-95et-ezmb-buau" }, { "vulnerability": "VCID-9nbw-7c9e-13af" }, { "vulnerability": "VCID-av7u-3g4m-mugm" }, { "vulnerability": "VCID-bwth-uepr-z7a3" }, { "vulnerability": "VCID-cjsm-7gxr-8ygw" }, { "vulnerability": "VCID-d16s-p141-qbft" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-fxjm-ywug-f3d5" }, { "vulnerability": "VCID-hk2m-rbdy-nqhc" }, { "vulnerability": "VCID-ma29-qa7e-9qb4" }, { "vulnerability": "VCID-nge1-4cvg-zqb2" }, { "vulnerability": "VCID-nyum-jpbc-abew" }, { "vulnerability": "VCID-p6yz-xs58-u3gm" }, { "vulnerability": "VCID-pfmd-zv8f-8bfc" }, { "vulnerability": "VCID-q689-wneh-hbdq" }, { "vulnerability": "VCID-q8qp-5szp-mfe8" }, { "vulnerability": "VCID-ruqn-mk9t-57hb" }, { "vulnerability": "VCID-tv7r-qf2c-dqbm" }, { "vulnerability": "VCID-w98r-yagc-kkec" }, { "vulnerability": "VCID-z6tm-b352-5uhk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.9.1esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076057?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1y9d-wx59-fyh2" }, { "vulnerability": "VCID-9uk1-zvat-5qc9" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-ndwm-svz7-5uen" }, { "vulnerability": "VCID-zkbj-717t-j3hw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.0esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088671?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.1esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3a6f-173h-fqbz" }, { "vulnerability": "VCID-4e49-6tg2-e7d9" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-pszh-x9gd-xyg4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.1esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1105249?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-f81v-9fv8-93cd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-0237" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r7ss-g876-c7fg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42002?format=api", "vulnerability_id": "VCID-tgpf-32kg-rqc2", "summary": "Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0240.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0240.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0240", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14706", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.148", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.1489", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14941", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14906", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14868", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14809", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.1492", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14849", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.1476", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14633", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14752", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14808", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.1481", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14773", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14714", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14997", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0240" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0240", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0240" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336188", "reference_id": "2336188", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336188" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202509-02", "reference_id": "GLSA-202509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01", "reference_id": "mfsa2025-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-01/", "reference_id": "mfsa2025-01", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:36:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-02", "reference_id": "mfsa2025-02", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-02" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-02/", "reference_id": "mfsa2025-02", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:36:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-02/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-04", "reference_id": "mfsa2025-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-04/", "reference_id": "mfsa2025-04", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:36:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-04/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-05", "reference_id": "mfsa2025-05", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-05/", "reference_id": "mfsa2025-05", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:36:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-05/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0080", "reference_id": "RHSA-2025:0080", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0080" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0132", "reference_id": "RHSA-2025:0132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0133", "reference_id": "RHSA-2025:0133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0134", "reference_id": "RHSA-2025:0134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0135", "reference_id": "RHSA-2025:0135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0136", "reference_id": "RHSA-2025:0136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0137", "reference_id": "RHSA-2025:0137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0138", "reference_id": "RHSA-2025:0138", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0138" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0144", "reference_id": "RHSA-2025:0144", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0144" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0147", "reference_id": "RHSA-2025:0147", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0147" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0162", "reference_id": "RHSA-2025:0162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0165", "reference_id": "RHSA-2025:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0166", "reference_id": "RHSA-2025:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0167", "reference_id": "RHSA-2025:0167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0275", "reference_id": "RHSA-2025:0275", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0275" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0281", "reference_id": "RHSA-2025:0281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0284", "reference_id": "RHSA-2025:0284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0286", "reference_id": "RHSA-2025:0286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0287", "reference_id": "RHSA-2025:0287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0287" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1929623", "reference_id": "show_bug.cgi?id=1929623", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:36:55Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1929623" }, { "reference_url": "https://usn.ubuntu.com/7191-1/", "reference_id": "USN-7191-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7191-1/" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582079?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fqb-r5zb-a7dp" }, { "vulnerability": "VCID-3a6f-173h-fqbz" }, { "vulnerability": "VCID-3kv6-c148-nkhq" }, { "vulnerability": "VCID-4e49-6tg2-e7d9" }, { "vulnerability": "VCID-59d3-343b-e3aw" }, { "vulnerability": "VCID-5dw5-vpt8-zqbz" }, { "vulnerability": "VCID-61r1-arbe-dke4" }, { "vulnerability": "VCID-7jt2-zr49-7ye5" }, { "vulnerability": "VCID-95et-ezmb-buau" }, { "vulnerability": "VCID-9ag7-z86d-nba9" }, { "vulnerability": "VCID-9nbw-7c9e-13af" }, { "vulnerability": "VCID-av7u-3g4m-mugm" }, { "vulnerability": "VCID-bwth-uepr-z7a3" }, { "vulnerability": "VCID-cjsm-7gxr-8ygw" }, { "vulnerability": "VCID-d16s-p141-qbft" }, { "vulnerability": "VCID-fxjm-ywug-f3d5" }, { "vulnerability": "VCID-hk2m-rbdy-nqhc" }, { "vulnerability": "VCID-ma29-qa7e-9qb4" }, { "vulnerability": "VCID-nge1-4cvg-zqb2" }, { "vulnerability": "VCID-nyum-jpbc-abew" }, { "vulnerability": "VCID-p6yz-xs58-u3gm" }, { "vulnerability": "VCID-pfmd-zv8f-8bfc" }, { "vulnerability": "VCID-pszh-x9gd-xyg4" }, { "vulnerability": "VCID-q689-wneh-hbdq" }, { "vulnerability": "VCID-q8qp-5szp-mfe8" }, { "vulnerability": "VCID-qbzp-euvv-q7c7" }, { "vulnerability": "VCID-ruqn-mk9t-57hb" }, { "vulnerability": "VCID-tv7r-qf2c-dqbm" }, { "vulnerability": "VCID-ufku-v5vq-4yef" }, { "vulnerability": "VCID-w98r-yagc-kkec" }, { "vulnerability": "VCID-z6tm-b352-5uhk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/922267?format=api", "purl": "pkg:deb/debian/firefox-esr@128.6.0esr-1~deb11u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.6.0esr-1~deb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/922266?format=api", "purl": "pkg:deb/debian/firefox-esr@128.6.0esr-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.6.0esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/922268?format=api", "purl": "pkg:deb/debian/firefox-esr@128.6.0esr-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.6.0esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582080?format=api", "purl": "pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3a6f-173h-fqbz" }, { "vulnerability": "VCID-4e49-6tg2-e7d9" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-pszh-x9gd-xyg4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582081?format=api", "purl": "pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3a6f-173h-fqbz" }, { "vulnerability": "VCID-4e49-6tg2-e7d9" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-pszh-x9gd-xyg4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582082?format=api", "purl": "pkg:deb/debian/firefox-esr@140.9.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5dw5-vpt8-zqbz" }, { "vulnerability": "VCID-9ag7-z86d-nba9" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-qbzp-euvv-q7c7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.9.0esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059612?format=api", "purl": "pkg:deb/debian/firefox-esr@140.9.1esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fqb-r5zb-a7dp" }, { "vulnerability": "VCID-3kv6-c148-nkhq" }, { "vulnerability": "VCID-59d3-343b-e3aw" }, { "vulnerability": "VCID-61r1-arbe-dke4" }, { "vulnerability": "VCID-7jt2-zr49-7ye5" }, { "vulnerability": "VCID-95et-ezmb-buau" }, { "vulnerability": "VCID-9nbw-7c9e-13af" }, { "vulnerability": "VCID-av7u-3g4m-mugm" }, { "vulnerability": "VCID-bwth-uepr-z7a3" }, { "vulnerability": "VCID-cjsm-7gxr-8ygw" }, { "vulnerability": "VCID-d16s-p141-qbft" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-fxjm-ywug-f3d5" }, { "vulnerability": "VCID-hk2m-rbdy-nqhc" }, { "vulnerability": "VCID-ma29-qa7e-9qb4" }, { "vulnerability": "VCID-nge1-4cvg-zqb2" }, { "vulnerability": "VCID-nyum-jpbc-abew" }, { "vulnerability": "VCID-p6yz-xs58-u3gm" }, { "vulnerability": "VCID-pfmd-zv8f-8bfc" }, { "vulnerability": "VCID-q689-wneh-hbdq" }, { "vulnerability": "VCID-q8qp-5szp-mfe8" }, { "vulnerability": "VCID-ruqn-mk9t-57hb" }, { "vulnerability": "VCID-tv7r-qf2c-dqbm" }, { "vulnerability": "VCID-w98r-yagc-kkec" }, { "vulnerability": "VCID-z6tm-b352-5uhk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.9.1esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076057?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1y9d-wx59-fyh2" }, { "vulnerability": "VCID-9uk1-zvat-5qc9" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-ndwm-svz7-5uen" }, { "vulnerability": "VCID-zkbj-717t-j3hw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.0esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088671?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.1esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3a6f-173h-fqbz" }, { "vulnerability": "VCID-4e49-6tg2-e7d9" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-pszh-x9gd-xyg4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.1esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1105249?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-f81v-9fv8-93cd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-0240" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tgpf-32kg-rqc2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42005?format=api", "vulnerability_id": "VCID-ukf2-qcjg-u7bg", "summary": "Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which can lead to arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0243.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0243.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0243", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08521", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08488", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08516", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08435", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08508", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08527", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08503", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.0846", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.0864", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08562", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08417", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08469", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08481", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08363", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08379", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0243" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0243", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0243" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336175", "reference_id": "2336175", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336175" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1827142%2C1932783", "reference_id": "buglist.cgi?bug_id=1827142%2C1932783", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:44:56Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1827142%2C1932783" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202509-02", "reference_id": "GLSA-202509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01", "reference_id": "mfsa2025-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-01/", "reference_id": "mfsa2025-01", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:44:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-02", "reference_id": "mfsa2025-02", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-02" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-02/", "reference_id": "mfsa2025-02", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:44:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-02/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-04", "reference_id": "mfsa2025-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-04/", "reference_id": "mfsa2025-04", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:44:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-04/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-05", "reference_id": "mfsa2025-05", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-05/", "reference_id": "mfsa2025-05", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:44:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-05/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0080", "reference_id": "RHSA-2025:0080", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0080" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0132", "reference_id": "RHSA-2025:0132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0133", "reference_id": "RHSA-2025:0133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0134", "reference_id": "RHSA-2025:0134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0135", "reference_id": "RHSA-2025:0135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0136", "reference_id": "RHSA-2025:0136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0137", "reference_id": "RHSA-2025:0137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0138", "reference_id": "RHSA-2025:0138", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0138" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0144", "reference_id": "RHSA-2025:0144", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0144" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0147", "reference_id": "RHSA-2025:0147", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0147" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0162", "reference_id": "RHSA-2025:0162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0165", "reference_id": "RHSA-2025:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0166", "reference_id": "RHSA-2025:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0167", "reference_id": "RHSA-2025:0167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0275", "reference_id": "RHSA-2025:0275", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0275" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0281", "reference_id": "RHSA-2025:0281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0284", "reference_id": "RHSA-2025:0284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0286", "reference_id": "RHSA-2025:0286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0287", "reference_id": "RHSA-2025:0287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0287" }, { "reference_url": "https://usn.ubuntu.com/7191-1/", "reference_id": "USN-7191-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7191-1/" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582079?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fqb-r5zb-a7dp" }, { "vulnerability": "VCID-3a6f-173h-fqbz" }, { "vulnerability": "VCID-3kv6-c148-nkhq" }, { "vulnerability": "VCID-4e49-6tg2-e7d9" }, { "vulnerability": "VCID-59d3-343b-e3aw" }, { "vulnerability": "VCID-5dw5-vpt8-zqbz" }, { "vulnerability": "VCID-61r1-arbe-dke4" }, { "vulnerability": "VCID-7jt2-zr49-7ye5" }, { "vulnerability": "VCID-95et-ezmb-buau" }, { "vulnerability": "VCID-9ag7-z86d-nba9" }, { "vulnerability": "VCID-9nbw-7c9e-13af" }, { "vulnerability": "VCID-av7u-3g4m-mugm" }, { "vulnerability": "VCID-bwth-uepr-z7a3" }, { "vulnerability": "VCID-cjsm-7gxr-8ygw" }, { "vulnerability": "VCID-d16s-p141-qbft" }, { "vulnerability": "VCID-fxjm-ywug-f3d5" }, { "vulnerability": "VCID-hk2m-rbdy-nqhc" }, { "vulnerability": "VCID-ma29-qa7e-9qb4" }, { "vulnerability": "VCID-nge1-4cvg-zqb2" }, { "vulnerability": "VCID-nyum-jpbc-abew" }, { "vulnerability": "VCID-p6yz-xs58-u3gm" }, { "vulnerability": "VCID-pfmd-zv8f-8bfc" }, { "vulnerability": "VCID-pszh-x9gd-xyg4" }, { "vulnerability": "VCID-q689-wneh-hbdq" }, { "vulnerability": "VCID-q8qp-5szp-mfe8" }, { "vulnerability": "VCID-qbzp-euvv-q7c7" }, { "vulnerability": "VCID-ruqn-mk9t-57hb" }, { "vulnerability": "VCID-tv7r-qf2c-dqbm" }, { "vulnerability": "VCID-ufku-v5vq-4yef" }, { "vulnerability": "VCID-w98r-yagc-kkec" }, { "vulnerability": "VCID-z6tm-b352-5uhk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/922267?format=api", "purl": "pkg:deb/debian/firefox-esr@128.6.0esr-1~deb11u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.6.0esr-1~deb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/922266?format=api", "purl": "pkg:deb/debian/firefox-esr@128.6.0esr-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.6.0esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/922268?format=api", "purl": "pkg:deb/debian/firefox-esr@128.6.0esr-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.6.0esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582080?format=api", "purl": "pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3a6f-173h-fqbz" }, { "vulnerability": "VCID-4e49-6tg2-e7d9" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-pszh-x9gd-xyg4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582081?format=api", "purl": "pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3a6f-173h-fqbz" }, { "vulnerability": "VCID-4e49-6tg2-e7d9" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-pszh-x9gd-xyg4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/582082?format=api", "purl": "pkg:deb/debian/firefox-esr@140.9.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-5dw5-vpt8-zqbz" }, { "vulnerability": "VCID-9ag7-z86d-nba9" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-qbzp-euvv-q7c7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.9.0esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059612?format=api", "purl": "pkg:deb/debian/firefox-esr@140.9.1esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fqb-r5zb-a7dp" }, { "vulnerability": "VCID-3kv6-c148-nkhq" }, { "vulnerability": "VCID-59d3-343b-e3aw" }, { "vulnerability": "VCID-61r1-arbe-dke4" }, { "vulnerability": "VCID-7jt2-zr49-7ye5" }, { "vulnerability": "VCID-95et-ezmb-buau" }, { "vulnerability": "VCID-9nbw-7c9e-13af" }, { "vulnerability": "VCID-av7u-3g4m-mugm" }, { "vulnerability": "VCID-bwth-uepr-z7a3" }, { "vulnerability": "VCID-cjsm-7gxr-8ygw" }, { "vulnerability": "VCID-d16s-p141-qbft" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-fxjm-ywug-f3d5" }, { "vulnerability": "VCID-hk2m-rbdy-nqhc" }, { "vulnerability": "VCID-ma29-qa7e-9qb4" }, { "vulnerability": "VCID-nge1-4cvg-zqb2" }, { "vulnerability": "VCID-nyum-jpbc-abew" }, { "vulnerability": "VCID-p6yz-xs58-u3gm" }, { "vulnerability": "VCID-pfmd-zv8f-8bfc" }, { "vulnerability": "VCID-q689-wneh-hbdq" }, { "vulnerability": "VCID-q8qp-5szp-mfe8" }, { "vulnerability": "VCID-ruqn-mk9t-57hb" }, { "vulnerability": "VCID-tv7r-qf2c-dqbm" }, { "vulnerability": "VCID-w98r-yagc-kkec" }, { "vulnerability": "VCID-z6tm-b352-5uhk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.9.1esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076057?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1y9d-wx59-fyh2" }, { "vulnerability": "VCID-9uk1-zvat-5qc9" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-ndwm-svz7-5uen" }, { "vulnerability": "VCID-zkbj-717t-j3hw" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.0esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088671?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.1esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3a6f-173h-fqbz" }, { "vulnerability": "VCID-4e49-6tg2-e7d9" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-pszh-x9gd-xyg4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.1esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1105249?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-f81v-9fv8-93cd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-0243" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ukf2-qcjg-u7bg" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.6.0esr-1~deb11u3%3Fdistro=trixie" }