{"url":"http://public2.vulnerablecode.io/api/packages/95017?format=json","purl":"pkg:deb/debian/firefox-esr@102.8.0esr-1~deb11u1?distro=trixie","type":"deb","namespace":"debian","name":"firefox-esr","version":"102.8.0esr-1~deb11u1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"102.8.0esr-1","latest_non_vulnerable_version":"140.11.0esr-1~deb13u1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1076?format=json","vulnerability_id":"VCID-3vyt-2drx-kkbv","summary":"Mozilla developers Kershaw Chang and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 109 and Firefox ESR 102.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25744.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25744.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25744","reference_id":"","reference_type":"","scores":[{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34622","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34658","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34604","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34638","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34674","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34559","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25744"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170391","reference_id":"2170391","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170391"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1789449%2C1803628%2C1810536","reference_id":"buglist.cgi?bug_id=1789449%2C1803628%2C1810536","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:10:45Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1789449%2C1803628%2C1810536"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-05","reference_id":"mfsa2023-05","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-05/","reference_id":"mfsa2023-05","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:10:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-05/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-06","reference_id":"mfsa2023-06","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-06"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-06/","reference_id":"mfsa2023-06","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T16:10:45Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-06/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0805","reference_id":"RHSA-2023:0805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0805"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0806","reference_id":"RHSA-2023:0806","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0806"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0807","reference_id":"RHSA-2023:0807","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0807"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0808","reference_id":"RHSA-2023:0808","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0808"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0809","reference_id":"RHSA-2023:0809","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0809"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0810","reference_id":"RHSA-2023:0810","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0810"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0811","reference_id":"RHSA-2023:0811","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0811"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0812","reference_id":"RHSA-2023:0812","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0812"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0817","reference_id":"RHSA-2023:0817","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0817"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0818","reference_id":"RHSA-2023:0818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0818"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0819","reference_id":"RHSA-2023:0819","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0819"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0820","reference_id":"RHSA-2023:0820","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0820"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0821","reference_id":"RHSA-2023:0821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0821"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0822","reference_id":"RHSA-2023:0822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0823","reference_id":"RHSA-2023:0823","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0823"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0824","reference_id":"RHSA-2023:0824","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0824"},{"reference_url":"https://usn.ubuntu.com/5880-1/","reference_id":"USN-5880-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5880-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/95017?format=json","purl":"pkg:deb/debian/firefox-esr@102.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@102.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/95016?format=json","purl":"pkg:deb/debian/firefox-esr@102.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@102.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94686?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94684?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ghpk-c1e6-pkae"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94688?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ghpk-c1e6-pkae"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94687?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ghpk-c1e6-pkae"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-25744"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3vyt-2drx-kkbv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1023?format=json","vulnerability_id":"VCID-b7tj-q8bt-gugw","summary":"Mozilla developers Philipp and Gabriele Svelto reported memory safety bugs present in Thunderbird 102.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25746.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25746.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25746","reference_id":"","reference_type":"","scores":[{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34658","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34604","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34638","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34674","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34559","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34622","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25746"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170402","reference_id":"2170402","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170402"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1544127%2C1762368","reference_id":"buglist.cgi?bug_id=1544127%2C1762368","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T19:10:21Z/"}],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1544127%2C1762368"},{"reference_url":"https://security.gentoo.org/glsa/202305-35","reference_id":"GLSA-202305-35","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-35"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-06","reference_id":"mfsa2023-06","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-06"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-06/","reference_id":"mfsa2023-06","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T19:10:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-06/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-07","reference_id":"mfsa2023-07","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-07"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-07/","reference_id":"mfsa2023-07","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-09T19:10:21Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-07/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0805","reference_id":"RHSA-2023:0805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0805"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0806","reference_id":"RHSA-2023:0806","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0806"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0807","reference_id":"RHSA-2023:0807","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0807"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0808","reference_id":"RHSA-2023:0808","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0808"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0809","reference_id":"RHSA-2023:0809","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0809"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0810","reference_id":"RHSA-2023:0810","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0810"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0811","reference_id":"RHSA-2023:0811","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0811"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0812","reference_id":"RHSA-2023:0812","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0812"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0817","reference_id":"RHSA-2023:0817","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0817"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0818","reference_id":"RHSA-2023:0818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0818"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0819","reference_id":"RHSA-2023:0819","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0819"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0820","reference_id":"RHSA-2023:0820","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0820"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0821","reference_id":"RHSA-2023:0821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0821"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0822","reference_id":"RHSA-2023:0822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0823","reference_id":"RHSA-2023:0823","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0823"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0824","reference_id":"RHSA-2023:0824","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0824"},{"reference_url":"https://usn.ubuntu.com/5943-1/","reference_id":"USN-5943-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5943-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/95017?format=json","purl":"pkg:deb/debian/firefox-esr@102.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@102.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/95016?format=json","purl":"pkg:deb/debian/firefox-esr@102.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@102.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94686?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94684?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ghpk-c1e6-pkae"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94688?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ghpk-c1e6-pkae"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94687?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ghpk-c1e6-pkae"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-25746"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b7tj-q8bt-gugw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1016?format=json","vulnerability_id":"VCID-drt8-4m4z-bqhn","summary":"An invalid downcast from nsTextNode to SVGElement could have lead to undefined behavior.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25737.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25737.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25737","reference_id":"","reference_type":"","scores":[{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38252","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38256","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38229","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38164","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.3821","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38199","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170379","reference_id":"2170379","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170379"},{"reference_url":"https://security.gentoo.org/glsa/202305-35","reference_id":"GLSA-202305-35","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-35"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-05","reference_id":"mfsa2023-05","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-05/","reference_id":"mfsa2023-05","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:10:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-05/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-06","reference_id":"mfsa2023-06","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-06"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-06/","reference_id":"mfsa2023-06","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:10:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-06/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-07","reference_id":"mfsa2023-07","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-07"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-07/","reference_id":"mfsa2023-07","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:10:49Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-07/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0805","reference_id":"RHSA-2023:0805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0805"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0806","reference_id":"RHSA-2023:0806","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0806"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0807","reference_id":"RHSA-2023:0807","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0807"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0808","reference_id":"RHSA-2023:0808","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0808"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0809","reference_id":"RHSA-2023:0809","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0809"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0810","reference_id":"RHSA-2023:0810","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0810"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0811","reference_id":"RHSA-2023:0811","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0811"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0812","reference_id":"RHSA-2023:0812","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0812"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0817","reference_id":"RHSA-2023:0817","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0817"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0818","reference_id":"RHSA-2023:0818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0818"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0819","reference_id":"RHSA-2023:0819","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0819"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0820","reference_id":"RHSA-2023:0820","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0820"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0821","reference_id":"RHSA-2023:0821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0821"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0822","reference_id":"RHSA-2023:0822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0823","reference_id":"RHSA-2023:0823","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0823"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0824","reference_id":"RHSA-2023:0824","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0824"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1811464","reference_id":"show_bug.cgi?id=1811464","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:10:49Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1811464"},{"reference_url":"https://usn.ubuntu.com/5880-1/","reference_id":"USN-5880-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5880-1/"},{"reference_url":"https://usn.ubuntu.com/5943-1/","reference_id":"USN-5943-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5943-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/95017?format=json","purl":"pkg:deb/debian/firefox-esr@102.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@102.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/95016?format=json","purl":"pkg:deb/debian/firefox-esr@102.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@102.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94686?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94684?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ghpk-c1e6-pkae"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94688?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ghpk-c1e6-pkae"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94687?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ghpk-c1e6-pkae"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-25737"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-drt8-4m4z-bqhn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1022?format=json","vulnerability_id":"VCID-h9j9-km9y-rqer","summary":"When importing a SPKI RSA public key as ECDSA P-256, the key would be handled incorrectly causing the tab to crash.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25742.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25742.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25742","reference_id":"","reference_type":"","scores":[{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31224","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31146","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31124","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31191","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31156","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170390","reference_id":"2170390","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170390"},{"reference_url":"https://security.gentoo.org/glsa/202305-35","reference_id":"GLSA-202305-35","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-35"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-05","reference_id":"mfsa2023-05","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-05/","reference_id":"mfsa2023-05","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:15:37Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-05/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-06","reference_id":"mfsa2023-06","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-06"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-06/","reference_id":"mfsa2023-06","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:15:37Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-06/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-07","reference_id":"mfsa2023-07","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-07"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-07/","reference_id":"mfsa2023-07","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:15:37Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-07/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0805","reference_id":"RHSA-2023:0805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0805"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0806","reference_id":"RHSA-2023:0806","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0806"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0807","reference_id":"RHSA-2023:0807","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0807"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0808","reference_id":"RHSA-2023:0808","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0808"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0809","reference_id":"RHSA-2023:0809","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0809"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0810","reference_id":"RHSA-2023:0810","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0810"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0811","reference_id":"RHSA-2023:0811","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0811"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0812","reference_id":"RHSA-2023:0812","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0812"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0817","reference_id":"RHSA-2023:0817","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0817"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0818","reference_id":"RHSA-2023:0818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0818"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0819","reference_id":"RHSA-2023:0819","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0819"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0820","reference_id":"RHSA-2023:0820","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0820"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0821","reference_id":"RHSA-2023:0821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0821"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0822","reference_id":"RHSA-2023:0822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0823","reference_id":"RHSA-2023:0823","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0823"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0824","reference_id":"RHSA-2023:0824","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0824"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1813424","reference_id":"show_bug.cgi?id=1813424","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-09T16:15:37Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1813424"},{"reference_url":"https://usn.ubuntu.com/5880-1/","reference_id":"USN-5880-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5880-1/"},{"reference_url":"https://usn.ubuntu.com/5943-1/","reference_id":"USN-5943-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5943-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/95017?format=json","purl":"pkg:deb/debian/firefox-esr@102.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@102.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/95016?format=json","purl":"pkg:deb/debian/firefox-esr@102.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@102.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94686?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94684?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ghpk-c1e6-pkae"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94688?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ghpk-c1e6-pkae"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94687?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ghpk-c1e6-pkae"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-25742"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h9j9-km9y-rqer"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1019?format=json","vulnerability_id":"VCID-jr29-441c-xub9","summary":"Permission prompts for opening external schemes were only shown for ContentPrincipals resulting in extensions being able to open them without user interaction via ExpandedPrincipals. This could lead to further malicious actions such as downloading files or interacting with software already installed on the system.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25729.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25729.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25729","reference_id":"","reference_type":"","scores":[{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.3113","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31096","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31062","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31064","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31052","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31029","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25729"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170382","reference_id":"2170382","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170382"},{"reference_url":"https://security.gentoo.org/glsa/202305-35","reference_id":"GLSA-202305-35","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-35"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-05","reference_id":"mfsa2023-05","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-05/","reference_id":"mfsa2023-05","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-10T17:35:34Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-05/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-06","reference_id":"mfsa2023-06","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-06"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-06/","reference_id":"mfsa2023-06","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-10T17:35:34Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-06/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-07","reference_id":"mfsa2023-07","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-07"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-07/","reference_id":"mfsa2023-07","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-10T17:35:34Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-07/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0805","reference_id":"RHSA-2023:0805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0805"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0806","reference_id":"RHSA-2023:0806","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0806"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0807","reference_id":"RHSA-2023:0807","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0807"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0808","reference_id":"RHSA-2023:0808","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0808"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0809","reference_id":"RHSA-2023:0809","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0809"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0810","reference_id":"RHSA-2023:0810","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0810"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0811","reference_id":"RHSA-2023:0811","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0811"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0812","reference_id":"RHSA-2023:0812","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0812"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0817","reference_id":"RHSA-2023:0817","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0817"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0818","reference_id":"RHSA-2023:0818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0818"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0819","reference_id":"RHSA-2023:0819","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0819"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0820","reference_id":"RHSA-2023:0820","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0820"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0821","reference_id":"RHSA-2023:0821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0821"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0822","reference_id":"RHSA-2023:0822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0823","reference_id":"RHSA-2023:0823","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0823"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0824","reference_id":"RHSA-2023:0824","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0824"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1792138","reference_id":"show_bug.cgi?id=1792138","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-10T17:35:34Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1792138"},{"reference_url":"https://usn.ubuntu.com/5880-1/","reference_id":"USN-5880-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5880-1/"},{"reference_url":"https://usn.ubuntu.com/5943-1/","reference_id":"USN-5943-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5943-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/95017?format=json","purl":"pkg:deb/debian/firefox-esr@102.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@102.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/95016?format=json","purl":"pkg:deb/debian/firefox-esr@102.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@102.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94686?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94684?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ghpk-c1e6-pkae"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94688?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ghpk-c1e6-pkae"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94687?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ghpk-c1e6-pkae"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-25729"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jr29-441c-xub9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1012?format=json","vulnerability_id":"VCID-jugw-w712-4ffm","summary":"The Content-Security-Policy-Report-Only header could allow an attacker to leak a child iframe's unredacted URI when interaction with that iframe triggers a redirect.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25728.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25728.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25728","reference_id":"","reference_type":"","scores":[{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42134","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42144","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42116","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42059","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.4209","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42081","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25728"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170374","reference_id":"2170374","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170374"},{"reference_url":"https://security.gentoo.org/glsa/202305-35","reference_id":"GLSA-202305-35","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-35"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-05","reference_id":"mfsa2023-05","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-05/","reference_id":"mfsa2023-05","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T17:40:01Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-05/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-06","reference_id":"mfsa2023-06","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-06"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-06/","reference_id":"mfsa2023-06","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T17:40:01Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-06/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-07","reference_id":"mfsa2023-07","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-07"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-07/","reference_id":"mfsa2023-07","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T17:40:01Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-07/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0805","reference_id":"RHSA-2023:0805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0805"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0806","reference_id":"RHSA-2023:0806","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0806"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0807","reference_id":"RHSA-2023:0807","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0807"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0808","reference_id":"RHSA-2023:0808","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0808"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0809","reference_id":"RHSA-2023:0809","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0809"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0810","reference_id":"RHSA-2023:0810","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0810"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0811","reference_id":"RHSA-2023:0811","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0811"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0812","reference_id":"RHSA-2023:0812","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0812"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0817","reference_id":"RHSA-2023:0817","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0817"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0818","reference_id":"RHSA-2023:0818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0818"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0819","reference_id":"RHSA-2023:0819","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0819"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0820","reference_id":"RHSA-2023:0820","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0820"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0821","reference_id":"RHSA-2023:0821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0821"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0822","reference_id":"RHSA-2023:0822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0823","reference_id":"RHSA-2023:0823","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0823"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0824","reference_id":"RHSA-2023:0824","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0824"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1790345","reference_id":"show_bug.cgi?id=1790345","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T17:40:01Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1790345"},{"reference_url":"https://usn.ubuntu.com/5880-1/","reference_id":"USN-5880-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5880-1/"},{"reference_url":"https://usn.ubuntu.com/5943-1/","reference_id":"USN-5943-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5943-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/95017?format=json","purl":"pkg:deb/debian/firefox-esr@102.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@102.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/95016?format=json","purl":"pkg:deb/debian/firefox-esr@102.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@102.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94686?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94684?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ghpk-c1e6-pkae"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94688?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ghpk-c1e6-pkae"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94687?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ghpk-c1e6-pkae"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-25728"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jugw-w712-4ffm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1013?format=json","vulnerability_id":"VCID-mrps-gknt-zuhq","summary":"A background script invoking requestFullscreen and then blocking the main thread could force the browser into fullscreen mode indefinitely, resulting in potential user confusion or spoofing attacks.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25730.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25730.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25730","reference_id":"","reference_type":"","scores":[{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28428","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28386","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28346","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28355","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28316","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28312","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25730"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170375","reference_id":"2170375","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170375"},{"reference_url":"https://security.gentoo.org/glsa/202305-35","reference_id":"GLSA-202305-35","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-35"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-05","reference_id":"mfsa2023-05","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-05/","reference_id":"mfsa2023-05","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T17:32:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-05/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-06","reference_id":"mfsa2023-06","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-06"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-06/","reference_id":"mfsa2023-06","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T17:32:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-06/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-07","reference_id":"mfsa2023-07","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-07"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-07/","reference_id":"mfsa2023-07","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T17:32:33Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-07/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0805","reference_id":"RHSA-2023:0805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0805"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0806","reference_id":"RHSA-2023:0806","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0806"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0807","reference_id":"RHSA-2023:0807","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0807"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0808","reference_id":"RHSA-2023:0808","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0808"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0809","reference_id":"RHSA-2023:0809","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0809"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0810","reference_id":"RHSA-2023:0810","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0810"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0811","reference_id":"RHSA-2023:0811","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0811"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0812","reference_id":"RHSA-2023:0812","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0812"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0817","reference_id":"RHSA-2023:0817","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0817"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0818","reference_id":"RHSA-2023:0818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0818"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0819","reference_id":"RHSA-2023:0819","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0819"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0820","reference_id":"RHSA-2023:0820","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0820"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0821","reference_id":"RHSA-2023:0821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0821"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0822","reference_id":"RHSA-2023:0822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0823","reference_id":"RHSA-2023:0823","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0823"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0824","reference_id":"RHSA-2023:0824","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0824"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1794622","reference_id":"show_bug.cgi?id=1794622","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-10T17:32:33Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1794622"},{"reference_url":"https://usn.ubuntu.com/5880-1/","reference_id":"USN-5880-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5880-1/"},{"reference_url":"https://usn.ubuntu.com/5943-1/","reference_id":"USN-5943-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5943-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/95017?format=json","purl":"pkg:deb/debian/firefox-esr@102.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@102.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/95016?format=json","purl":"pkg:deb/debian/firefox-esr@102.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@102.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94686?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94684?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ghpk-c1e6-pkae"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94688?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ghpk-c1e6-pkae"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94687?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ghpk-c1e6-pkae"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-25730"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mrps-gknt-zuhq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1020?format=json","vulnerability_id":"VCID-tckf-u6za-m7hs","summary":"When encoding data from an inputStream in xpcom the size of the input being encoded was not correctly calculated potentially leading to an out of bounds memory write.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25732.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25732.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25732","reference_id":"","reference_type":"","scores":[{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35738","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.3575","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.3571","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35636","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35683","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35668","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25732"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170383","reference_id":"2170383","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170383"},{"reference_url":"https://security.gentoo.org/glsa/202305-35","reference_id":"GLSA-202305-35","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-35"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-05","reference_id":"mfsa2023-05","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-05/","reference_id":"mfsa2023-05","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T21:12:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-05/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-06","reference_id":"mfsa2023-06","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-06"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-06/","reference_id":"mfsa2023-06","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T21:12:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-06/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-07","reference_id":"mfsa2023-07","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-07"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-07/","reference_id":"mfsa2023-07","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T21:12:13Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-07/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0805","reference_id":"RHSA-2023:0805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0805"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0806","reference_id":"RHSA-2023:0806","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0806"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0807","reference_id":"RHSA-2023:0807","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0807"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0808","reference_id":"RHSA-2023:0808","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0808"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0809","reference_id":"RHSA-2023:0809","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0809"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0810","reference_id":"RHSA-2023:0810","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0810"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0811","reference_id":"RHSA-2023:0811","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0811"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0812","reference_id":"RHSA-2023:0812","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0812"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0817","reference_id":"RHSA-2023:0817","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0817"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0818","reference_id":"RHSA-2023:0818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0818"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0819","reference_id":"RHSA-2023:0819","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0819"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0820","reference_id":"RHSA-2023:0820","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0820"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0821","reference_id":"RHSA-2023:0821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0821"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0822","reference_id":"RHSA-2023:0822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0823","reference_id":"RHSA-2023:0823","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0823"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0824","reference_id":"RHSA-2023:0824","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0824"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1804564","reference_id":"show_bug.cgi?id=1804564","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T21:12:13Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1804564"},{"reference_url":"https://usn.ubuntu.com/5880-1/","reference_id":"USN-5880-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5880-1/"},{"reference_url":"https://usn.ubuntu.com/5943-1/","reference_id":"USN-5943-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5943-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/95017?format=json","purl":"pkg:deb/debian/firefox-esr@102.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@102.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/95016?format=json","purl":"pkg:deb/debian/firefox-esr@102.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@102.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94686?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94684?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ghpk-c1e6-pkae"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94688?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ghpk-c1e6-pkae"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94687?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ghpk-c1e6-pkae"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-25732"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tckf-u6za-m7hs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1018?format=json","vulnerability_id":"VCID-vbr6-9cem-gfbr","summary":"Module load requests that failed were not being checked as to whether or not they were cancelled causing a use-after-free in ScriptLoadContext.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25739.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25739.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25739","reference_id":"","reference_type":"","scores":[{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43216","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43225","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43203","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43143","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43179","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43168","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170381","reference_id":"2170381","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170381"},{"reference_url":"https://security.gentoo.org/glsa/202305-35","reference_id":"GLSA-202305-35","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-35"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-05","reference_id":"mfsa2023-05","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-05/","reference_id":"mfsa2023-05","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:05:46Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-05/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-06","reference_id":"mfsa2023-06","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-06"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-06/","reference_id":"mfsa2023-06","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:05:46Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-06/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-07","reference_id":"mfsa2023-07","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-07"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-07/","reference_id":"mfsa2023-07","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:05:46Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-07/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0805","reference_id":"RHSA-2023:0805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0805"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0806","reference_id":"RHSA-2023:0806","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0806"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0807","reference_id":"RHSA-2023:0807","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0807"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0808","reference_id":"RHSA-2023:0808","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0808"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0809","reference_id":"RHSA-2023:0809","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0809"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0810","reference_id":"RHSA-2023:0810","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0810"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0811","reference_id":"RHSA-2023:0811","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0811"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0812","reference_id":"RHSA-2023:0812","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0812"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0817","reference_id":"RHSA-2023:0817","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0817"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0818","reference_id":"RHSA-2023:0818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0818"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0819","reference_id":"RHSA-2023:0819","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0819"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0820","reference_id":"RHSA-2023:0820","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0820"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0821","reference_id":"RHSA-2023:0821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0821"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0822","reference_id":"RHSA-2023:0822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0823","reference_id":"RHSA-2023:0823","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0823"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0824","reference_id":"RHSA-2023:0824","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0824"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1811939","reference_id":"show_bug.cgi?id=1811939","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:05:46Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1811939"},{"reference_url":"https://usn.ubuntu.com/5880-1/","reference_id":"USN-5880-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5880-1/"},{"reference_url":"https://usn.ubuntu.com/5943-1/","reference_id":"USN-5943-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5943-1/"},{"reference_url":"https://usn.ubuntu.com/6120-1/","reference_id":"USN-6120-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6120-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/95017?format=json","purl":"pkg:deb/debian/firefox-esr@102.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@102.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/95016?format=json","purl":"pkg:deb/debian/firefox-esr@102.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@102.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94686?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94684?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ghpk-c1e6-pkae"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94688?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ghpk-c1e6-pkae"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94687?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ghpk-c1e6-pkae"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-25739"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vbr6-9cem-gfbr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1014?format=json","vulnerability_id":"VCID-vt12-dm3z-bkhs","summary":"An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0767.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0767.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0767","reference_id":"","reference_type":"","scores":[{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48319","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.483","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48331","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48347","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48366","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48363","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0767"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170377","reference_id":"2170377","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170377"},{"reference_url":"https://alas.aws.amazon.com/AL2/ALAS-2023-1992.html","reference_id":"ALAS-2023-1992.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:56Z/"}],"url":"https://alas.aws.amazon.com/AL2/ALAS-2023-1992.html"},{"reference_url":"https://security.gentoo.org/glsa/202305-35","reference_id":"GLSA-202305-35","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-35"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-05","reference_id":"mfsa2023-05","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-05/","reference_id":"mfsa2023-05","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-05/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-06","reference_id":"mfsa2023-06","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-06"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-06/","reference_id":"mfsa2023-06","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-06/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-07","reference_id":"mfsa2023-07","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-07"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-07/","reference_id":"mfsa2023-07","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:56Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-07/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1252","reference_id":"RHSA-2023:1252","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1252"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1332","reference_id":"RHSA-2023:1332","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1332"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1365","reference_id":"RHSA-2023:1365","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1365"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1366","reference_id":"RHSA-2023:1366","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1366"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1368","reference_id":"RHSA-2023:1368","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1368"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1369","reference_id":"RHSA-2023:1369","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1369"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1370","reference_id":"RHSA-2023:1370","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1370"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1406","reference_id":"RHSA-2023:1406","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1406"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1436","reference_id":"RHSA-2023:1436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1442","reference_id":"RHSA-2023:1442","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1442"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1443","reference_id":"RHSA-2023:1443","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1443"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1444","reference_id":"RHSA-2023:1444","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1444"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1445","reference_id":"RHSA-2023:1445","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1445"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1472","reference_id":"RHSA-2023:1472","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1472"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1479","reference_id":"RHSA-2023:1479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1677","reference_id":"RHSA-2023:1677","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1677"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1804640","reference_id":"show_bug.cgi?id=1804640","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:56Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1804640"},{"reference_url":"https://usn.ubuntu.com/5880-1/","reference_id":"USN-5880-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5880-1/"},{"reference_url":"https://usn.ubuntu.com/5892-1/","reference_id":"USN-5892-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5892-1/"},{"reference_url":"https://usn.ubuntu.com/5892-2/","reference_id":"USN-5892-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5892-2/"},{"reference_url":"https://usn.ubuntu.com/5943-1/","reference_id":"USN-5943-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5943-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/95017?format=json","purl":"pkg:deb/debian/firefox-esr@102.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@102.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/95016?format=json","purl":"pkg:deb/debian/firefox-esr@102.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@102.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94686?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94684?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ghpk-c1e6-pkae"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94688?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ghpk-c1e6-pkae"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94687?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ghpk-c1e6-pkae"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-0767"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vt12-dm3z-bkhs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1015?format=json","vulnerability_id":"VCID-xk2d-re1h-zkgt","summary":"Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free after unwrapping the proxy.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25735.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25735.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25735","reference_id":"","reference_type":"","scores":[{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37472","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37477","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37445","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.3738","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37419","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37406","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25735"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0430"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0616"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0767"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23598"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23601"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23605"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25728"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25729"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25730"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25732"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25735"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25744"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25746"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170378","reference_id":"2170378","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170378"},{"reference_url":"https://security.gentoo.org/glsa/202305-35","reference_id":"GLSA-202305-35","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-35"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-05","reference_id":"mfsa2023-05","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-05"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-05/","reference_id":"mfsa2023-05","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:20Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-05/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-06","reference_id":"mfsa2023-06","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-06"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-06/","reference_id":"mfsa2023-06","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:20Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-06/"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-07","reference_id":"mfsa2023-07","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2023-07"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2023-07/","reference_id":"mfsa2023-07","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:20Z/"}],"url":"https://www.mozilla.org/security/advisories/mfsa2023-07/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0805","reference_id":"RHSA-2023:0805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0805"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0806","reference_id":"RHSA-2023:0806","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0806"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0807","reference_id":"RHSA-2023:0807","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0807"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0808","reference_id":"RHSA-2023:0808","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0808"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0809","reference_id":"RHSA-2023:0809","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0809"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0810","reference_id":"RHSA-2023:0810","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0810"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0811","reference_id":"RHSA-2023:0811","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0811"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0812","reference_id":"RHSA-2023:0812","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0812"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0817","reference_id":"RHSA-2023:0817","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0817"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0818","reference_id":"RHSA-2023:0818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0818"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0819","reference_id":"RHSA-2023:0819","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0819"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0820","reference_id":"RHSA-2023:0820","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0820"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0821","reference_id":"RHSA-2023:0821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0821"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0822","reference_id":"RHSA-2023:0822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0823","reference_id":"RHSA-2023:0823","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0823"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0824","reference_id":"RHSA-2023:0824","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0824"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1810711","reference_id":"show_bug.cgi?id=1810711","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-09T20:59:20Z/"}],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1810711"},{"reference_url":"https://usn.ubuntu.com/5880-1/","reference_id":"USN-5880-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5880-1/"},{"reference_url":"https://usn.ubuntu.com/5943-1/","reference_id":"USN-5943-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5943-1/"},{"reference_url":"https://usn.ubuntu.com/6120-1/","reference_id":"USN-6120-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6120-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/95017?format=json","purl":"pkg:deb/debian/firefox-esr@102.8.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@102.8.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/95016?format=json","purl":"pkg:deb/debian/firefox-esr@102.8.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@102.8.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94686?format=json","purl":"pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94684?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ghpk-c1e6-pkae"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94688?format=json","purl":"pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ghpk-c1e6-pkae"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/94687?format=json","purl":"pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ghpk-c1e6-pkae"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie"}],"aliases":["CVE-2023-25735"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xk2d-re1h-zkgt"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@102.8.0esr-1~deb11u1%3Fdistro=trixie"}