@@ -2,30 +2,27 @@ vulnerabilities:
22 - id : CVE-2022-25235
33 statement : " expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution"
44 purls :
5- - " pkg:deb/ubuntu/firefox@147.0.3%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=amd64&distro=ubuntu-22.04"
6- - " pkg:deb/ubuntu/firefox@148.0%2Bbuild1-0ubuntu0.22.04.1~mt2?arch=arm64&distro=ubuntu-22.04"
7- - " pkg:deb/ubuntu/firefox@148.0%2Bbuild1-0ubuntu0.22.04.1~mt2?arch=amd64&distro=ubuntu-22.04"
5+ - " pkg:deb/ubuntu/firefox@148.0.2%2Bbuild1-0ubuntu0.22.04.1~mt2?arch=arm64&distro=ubuntu-22.04"
6+ - " pkg:deb/ubuntu/firefox@148.0.2%2Bbuild1-0ubuntu0.22.04.1~mt2?arch=amd64&distro=ubuntu-22.04"
87 expired_at : 2026-08-12
98 - id : CVE-2022-25236
109 statement : " expat: Namespace-separator characters in \" xmlns[:prefix]\" attribute values can lead to arbitrary code execution"
1110 purls :
12- - " pkg:deb/ubuntu/firefox@147.0.3%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=amd64&distro=ubuntu-22.04"
13- - " pkg:deb/ubuntu/firefox@148.0%2Bbuild1-0ubuntu0.22.04.1~mt2?arch=arm64&distro=ubuntu-22.04"
14- - " pkg:deb/ubuntu/firefox@148.0%2Bbuild1-0ubuntu0.22.04.1~mt2?arch=amd64&distro=ubuntu-22.04"
11+ - " pkg:deb/ubuntu/firefox@148.0.2%2Bbuild1-0ubuntu0.22.04.1~mt2?arch=arm64&distro=ubuntu-22.04"
12+ - " pkg:deb/ubuntu/firefox@148.0.2%2Bbuild1-0ubuntu0.22.04.1~mt2?arch=amd64&distro=ubuntu-22.04"
1513 expired_at : 2026-08-12
1614 - id : CVE-2022-26485
1715 statement : " Mozilla: Use-after-free in XSLT parameter processing"
1816 purls :
19- - " pkg:deb/ubuntu/firefox@147.0.3%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=amd64&distro=ubuntu-22.04"
20- - " pkg:deb/ubuntu/firefox@148.0%2Bbuild1-0ubuntu0.22.04.1~mt2?arch=arm64&distro=ubuntu-22.04"
21- - " pkg:deb/ubuntu/firefox@148.0%2Bbuild1-0ubuntu0.22.04.1~mt2?arch=amd64&distro=ubuntu-22.04"
17+ - " pkg:deb/ubuntu/firefox@148.0.2%2Bbuild1-0ubuntu0.22.04.1~mt2?arch=arm64&distro=ubuntu-22.04"
18+ - " pkg:deb/ubuntu/firefox@148.0.2%2Bbuild1-0ubuntu0.22.04.1~mt2?arch=amd64&distro=ubuntu-22.04"
2219 expired_at : 2026-08-12
2320 - id : CVE-2022-26486
2421 statement : " Mozilla: Use-after-free in WebGPU IPC Framework"
2522 purls :
2623 - " pkg:deb/ubuntu/firefox@147.0.3%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=amd64&distro=ubuntu-22.04"
27- - " pkg:deb/ubuntu/firefox@148.0%2Bbuild1-0ubuntu0.22.04.1~mt2?arch=arm64&distro=ubuntu-22.04"
28- - " pkg:deb/ubuntu/firefox@148.0%2Bbuild1-0ubuntu0.22.04.1~mt2?arch=amd64&distro=ubuntu-22.04"
24+ - " pkg:deb/ubuntu/firefox@148.0.2 %2Bbuild1-0ubuntu0.22.04.1~mt2?arch=arm64&distro=ubuntu-22.04"
25+ - " pkg:deb/ubuntu/firefox@148.0.2 %2Bbuild1-0ubuntu0.22.04.1~mt2?arch=amd64&distro=ubuntu-22.04"
2926 expired_at : 2026-08-12
3027 - id : CVE-2026-25547
3128 statement : " brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion"
@@ -53,63 +50,3 @@ vulnerabilities:
5350 purls :
5451 - " pkg:npm/tar@7.5.1"
5552 expired_at : 2026-08-12
56- - id : CVE-2022-25235
57- statement : " expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution"
58- purls :
59- - " pkg:deb/ubuntu/firefox@147.0.3%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=arm64&distro=ubuntu-22.04"
60- expired_at : 2026-08-13
61- - id : CVE-2022-25236
62- statement : " expat: Namespace-separator characters in \" xmlns[:prefix]\" attribute values can lead to arbitrary code execution"
63- purls :
64- - " pkg:deb/ubuntu/firefox@147.0.3%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=arm64&distro=ubuntu-22.04"
65- expired_at : 2026-08-13
66- - id : CVE-2022-26485
67- statement : " Mozilla: Use-after-free in XSLT parameter processing"
68- purls :
69- - " pkg:deb/ubuntu/firefox@147.0.3%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=arm64&distro=ubuntu-22.04"
70- expired_at : 2026-08-13
71- - id : CVE-2022-26486
72- statement : " Mozilla: Use-after-free in WebGPU IPC Framework"
73- purls :
74- - " pkg:deb/ubuntu/firefox@147.0.3%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=arm64&distro=ubuntu-22.04"
75- expired_at : 2026-08-13
76- - id : CVE-2022-25235
77- statement : " expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution"
78- purls :
79- - " pkg:deb/ubuntu/firefox@147.0.4%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=arm64&distro=ubuntu-22.04"
80- expired_at : 2026-08-16
81- - id : CVE-2022-25236
82- statement : " expat: Namespace-separator characters in \" xmlns[:prefix]\" attribute values can lead to arbitrary code execution"
83- purls :
84- - " pkg:deb/ubuntu/firefox@147.0.4%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=arm64&distro=ubuntu-22.04"
85- expired_at : 2026-08-16
86- - id : CVE-2022-26485
87- statement : " Mozilla: Use-after-free in XSLT parameter processing"
88- purls :
89- - " pkg:deb/ubuntu/firefox@147.0.4%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=arm64&distro=ubuntu-22.04"
90- expired_at : 2026-08-16
91- - id : CVE-2022-26486
92- statement : " Mozilla: Use-after-free in WebGPU IPC Framework"
93- purls :
94- - " pkg:deb/ubuntu/firefox@147.0.4%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=arm64&distro=ubuntu-22.04"
95- expired_at : 2026-08-16
96- - id : CVE-2022-25235
97- statement : " expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution"
98- purls :
99- - " pkg:deb/ubuntu/firefox@147.0.4%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=amd64&distro=ubuntu-22.04"
100- expired_at : 2026-08-16
101- - id : CVE-2022-25236
102- statement : " expat: Namespace-separator characters in \" xmlns[:prefix]\" attribute values can lead to arbitrary code execution"
103- purls :
104- - " pkg:deb/ubuntu/firefox@147.0.4%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=amd64&distro=ubuntu-22.04"
105- expired_at : 2026-08-16
106- - id : CVE-2022-26485
107- statement : " Mozilla: Use-after-free in XSLT parameter processing"
108- purls :
109- - " pkg:deb/ubuntu/firefox@147.0.4%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=amd64&distro=ubuntu-22.04"
110- expired_at : 2026-08-16
111- - id : CVE-2022-26486
112- statement : " Mozilla: Use-after-free in WebGPU IPC Framework"
113- purls :
114- - " pkg:deb/ubuntu/firefox@147.0.4%2Bbuild1-0ubuntu0.22.04.1~mt1?arch=amd64&distro=ubuntu-22.04"
115- expired_at : 2026-08-16
0 commit comments