{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2074?format=json","vulnerability_id":"VCID-4gbc-6zrz-dfb8","summary":"Mozilla security developer Daniel Veditz discovered that\n<iframe sandbox> restrictions are not applied to an\n<object> element contained within a sandboxed iframe. This\ncould allow content hosted within a sandboxed iframe to use\n<object> element to bypass the sandbox restrictions that\nshould be applied.","aliases":[{"alias":"CVE-2013-5614"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/506126?format=json","purl":"pkg:ebuild/dev-libs/nspr@2.33.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-libs/nspr@2.33.1"},{"url":"http://public2.vulnerablecode.io/api/packages/506127?format=json","purl":"pkg:ebuild/dev-libs/nspr@4.10.6","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-libs/nspr@4.10.6"},{"url":"http://public2.vulnerablecode.io/api/packages/506128?format=json","purl":"pkg:ebuild/dev-libs/nspr@31.5.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-libs/nspr@31.5.0"},{"url":"http://public2.vulnerablecode.io/api/packages/506129?format=json","purl":"pkg:ebuild/dev-libs/nspr@31.5.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-libs/nspr@31.5.3"},{"url":"http://public2.vulnerablecode.io/api/packages/506116?format=json","purl":"pkg:ebuild/mail-client/thunderbird@31.5.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@31.5.0"},{"url":"http://public2.vulnerablecode.io/api/packages/506117?format=json","purl":"pkg:ebuild/mail-client/thunderbird@31.5.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@31.5.3"},{"url":"http://public2.vulnerablecode.io/api/packages/506118?format=json","purl":"pkg:ebuild/mail-client/thunderbird-bin@31.5.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@31.5.0"},{"url":"http://public2.vulnerablecode.io/api/packages/506119?format=json","purl":"pkg:ebuild/mail-client/thunderbird-bin@31.5.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@31.5.3"},{"url":"http://public2.vulnerablecode.io/api/packages/506114?format=json","purl":"pkg:ebuild/www-client/firefox@31.5.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@31.5.3"},{"url":"http://public2.vulnerablecode.io/api/packages/506115?format=json","purl":"pkg:ebuild/www-client/firefox-bin@31.5.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@31.5.3"},{"url":"http://public2.vulnerablecode.io/api/packages/506120?format=json","purl":"pkg:ebuild/www-client/seamonkey@2.33.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/seamonkey@2.33.1"},{"url":"http://public2.vulnerablecode.io/api/packages/506121?format=json","purl":"pkg:ebuild/www-client/seamonkey@31.5.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/seamonkey@31.5.0"},{"url":"http://public2.vulnerablecode.io/api/packages/506122?format=json","purl":"pkg:ebuild/www-client/seamonkey@31.5.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/seamonkey@31.5.3"},{"url":"http://public2.vulnerablecode.io/api/packages/506123?format=json","purl":"pkg:ebuild/www-client/seamonkey-bin@2.33.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/seamonkey-bin@2.33.1"},{"url":"http://public2.vulnerablecode.io/api/packages/506124?format=json","purl":"pkg:ebuild/www-client/seamonkey-bin@31.5.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/seamonkey-bin@31.5.0"},{"url":"http://public2.vulnerablecode.io/api/packages/506125?format=json","purl":"pkg:ebuild/www-client/seamonkey-bin@31.5.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/seamonkey-bin@31.5.3"},{"url":"http://public2.vulnerablecode.io/api/packages/918?format=json","purl":"pkg:mozilla/Firefox@26.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@26.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/921?format=json","purl":"pkg:mozilla/Seamonkey@2.23.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Seamonkey@2.23.0"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/177894?format=json","purl":"pkg:rpm/redhat/firefox@24.2.0-1?arch=el6_5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4gbc-6zrz-dfb8"},{"vulnerability":"VCID-5jeg-ytzh-rff7"},{"vulnerability":"VCID-7n14-qc7w-23f8"},{"vulnerability":"VCID-bpzv-nc7w-skc1"},{"vulnerability":"VCID-c66d-1g74-jqa6"},{"vulnerability":"VCID-qtvy-hphf-w3fg"},{"vulnerability":"VCID-tzau-6ftq-qfh8"},{"vulnerability":"VCID-vbnf-8wtz-8be5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/firefox@24.2.0-1%3Farch=el6_5"},{"url":"http://public2.vulnerablecode.io/api/packages/177895?format=json","purl":"pkg:rpm/redhat/firefox@24.2.0-1?arch=el5_10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4gbc-6zrz-dfb8"},{"vulnerability":"VCID-5jeg-ytzh-rff7"},{"vulnerability":"VCID-7n14-qc7w-23f8"},{"vulnerability":"VCID-bpzv-nc7w-skc1"},{"vulnerability":"VCID-c66d-1g74-jqa6"},{"vulnerability":"VCID-qtvy-hphf-w3fg"},{"vulnerability":"VCID-tzau-6ftq-qfh8"},{"vulnerability":"VCID-vbnf-8wtz-8be5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/firefox@24.2.0-1%3Farch=el5_10"},{"url":"http://public2.vulnerablecode.io/api/packages/177673?format=json","purl":"pkg:rpm/redhat/thunderbird@24.2.0-1?arch=el6_5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4gbc-6zrz-dfb8"},{"vulnerability":"VCID-5jeg-ytzh-rff7"},{"vulnerability":"VCID-7n14-qc7w-23f8"},{"vulnerability":"VCID-b1wu-yyef-gfa3"},{"vulnerability":"VCID-bpzv-nc7w-skc1"},{"vulnerability":"VCID-c66d-1g74-jqa6"},{"vulnerability":"VCID-qtvy-hphf-w3fg"},{"vulnerability":"VCID-tzau-6ftq-qfh8"},{"vulnerability":"VCID-vbnf-8wtz-8be5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/thunderbird@24.2.0-1%3Farch=el6_5"},{"url":"http://public2.vulnerablecode.io/api/packages/177674?format=json","purl":"pkg:rpm/redhat/thunderbird@24.2.0-2?arch=el5_10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4gbc-6zrz-dfb8"},{"vulnerability":"VCID-5jeg-ytzh-rff7"},{"vulnerability":"VCID-7n14-qc7w-23f8"},{"vulnerability":"VCID-b1wu-yyef-gfa3"},{"vulnerability":"VCID-bpzv-nc7w-skc1"},{"vulnerability":"VCID-c66d-1g74-jqa6"},{"vulnerability":"VCID-qtvy-hphf-w3fg"},{"vulnerability":"VCID-tzau-6ftq-qfh8"},{"vulnerability":"VCID-vbnf-8wtz-8be5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/thunderbird@24.2.0-2%3Farch=el5_10"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5614.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5614.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-5614","reference_id":"","reference_type":"","scores":[{"value":"0.00279","scoring_system":"epss","scoring_elements":"0.51545","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00279","scoring_system":"epss","scoring_elements":"0.51605","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00279","scoring_system":"epss","scoring_elements":"0.51612","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00279","scoring_system":"epss","scoring_elements":"0.5159","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00279","scoring_system":"epss","scoring_elements":"0.51558","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-5614"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1039421","reference_id":"1039421","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1039421"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5614","reference_id":"CVE-2013-5614","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5614"},{"reference_url":"https://security.gentoo.org/glsa/201504-01","reference_id":"GLSA-201504-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201504-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2013-107","reference_id":"mfsa2013-107","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2013-107"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1812","reference_id":"RHSA-2013:1812","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1812"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1823","reference_id":"RHSA-2013:1823","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1823"},{"reference_url":"https://usn.ubuntu.com/2052-1/","reference_id":"USN-2052-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2052-1/"}],"weaknesses":[],"exploits":[],"severity_range_score":"0.1 - 3","exploitability":"0.5","weighted_severity":"2.7","risk_score":1.4,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4gbc-6zrz-dfb8"}