Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/192000?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/192000?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.6.0", "type": "ebuild", "namespace": "www-client", "name": "firefox-bin", "version": "128.6.0", "qualifiers": {}, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "128.9.0", "latest_non_vulnerable_version": "137.0.1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/862?format=api", "vulnerability_id": "VCID-18e1-p2pr-6ubc", "summary": "Memory safety bugs present in Firefox 133 and Thunderbird 133. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0247.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0247.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0247", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.19171", "scoring_system": "epss", "scoring_elements": "0.95483", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.19171", "scoring_system": "epss", "scoring_elements": "0.9548", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0247" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336176", "reference_id": "2336176", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336176" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1835193%2C1910021%2C1919803%2C1931576%2C1931948%2C1932173", "reference_id": "buglist.cgi?bug_id=1835193%2C1910021%2C1919803%2C1931576%2C1931948%2C1932173", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T14:52:46Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1835193%2C1910021%2C1919803%2C1931576%2C1931948%2C1932173" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01", "reference_id": "mfsa2025-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-01/", "reference_id": "mfsa2025-01", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T14:52:46Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-04", "reference_id": "mfsa2025-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-04/", "reference_id": "mfsa2025-04", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T14:52:46Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-04/" }, { "reference_url": "https://usn.ubuntu.com/7191-1/", "reference_id": "USN-7191-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7191-1/" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192000?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192001?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@134.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@134.0" } ], "aliases": [ "CVE-2025-0247" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-18e1-p2pr-6ubc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85?format=api", "vulnerability_id": "VCID-1qpv-uzu1-g3dc", "summary": "A null pointer dereference may have inadvertently occurred in `pk12util`, and specifically in the SEC_ASN1DecodeItem_Util function, when handling malformed or improperly formatted input files.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11706.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11706.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11706", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.38097", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.38094", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11706" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328951", "reference_id": "2328951", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328951" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202509-02", "reference_id": "GLSA-202509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-63", "reference_id": "mfsa2024-63", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-63" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-63/", "reference_id": "mfsa2024-63", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-26T16:29:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-63/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-67", "reference_id": "mfsa2024-67", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-67" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-67/", "reference_id": "mfsa2024-67", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-26T16:29:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-67/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1923767", "reference_id": "show_bug.cgi?id=1923767", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-26T16:29:42Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1923767" }, { "reference_url": "https://usn.ubuntu.com/7134-1/", "reference_id": "USN-7134-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7134-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192000?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192001?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@134.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@134.0" } ], "aliases": [ "CVE-2024-11706" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1qpv-uzu1-g3dc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/109?format=api", "vulnerability_id": "VCID-34s2-6xpa-gfcw", "summary": "Video frames could have been leaked between origins in some situations.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10463.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10463.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10463", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64887", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64877", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10463" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10463", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10463" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322439", "reference_id": "2322439", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322439" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-08", "reference_id": "GLSA-202505-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-55", "reference_id": "mfsa2024-55", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-55" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-55/", "reference_id": "mfsa2024-55", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:52:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-55/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-56", "reference_id": "mfsa2024-56", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-56" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-56/", "reference_id": "mfsa2024-56", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:52:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-56/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-57", "reference_id": "mfsa2024-57", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-57" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-57/", "reference_id": "mfsa2024-57", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:52:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-57/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-58", "reference_id": "mfsa2024-58", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-58" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-58/", "reference_id": "mfsa2024-58", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:52:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-58/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-59", "reference_id": "mfsa2024-59", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-59" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-59/", "reference_id": "mfsa2024-59", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:52:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-59/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8720", "reference_id": "RHSA-2024:8720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8721", "reference_id": "RHSA-2024:8721", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8721" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8722", "reference_id": "RHSA-2024:8722", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8722" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8723", "reference_id": "RHSA-2024:8723", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8723" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8724", "reference_id": "RHSA-2024:8724", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8724" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8725", "reference_id": "RHSA-2024:8725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8726", "reference_id": "RHSA-2024:8726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8727", "reference_id": "RHSA-2024:8727", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8727" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8728", "reference_id": "RHSA-2024:8728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8729", "reference_id": "RHSA-2024:8729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8790", "reference_id": "RHSA-2024:8790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8793", "reference_id": "RHSA-2024:8793", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8793" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9015", "reference_id": "RHSA-2024:9015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9016", "reference_id": "RHSA-2024:9016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9017", "reference_id": "RHSA-2024:9017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9018", "reference_id": "RHSA-2024:9018", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9018" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9019", "reference_id": "RHSA-2024:9019", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9019" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9552", "reference_id": "RHSA-2024:9552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9554", "reference_id": "RHSA-2024:9554", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9554" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1920800", "reference_id": "show_bug.cgi?id=1920800", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:52:00Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1920800" }, { "reference_url": "https://usn.ubuntu.com/7086-1/", "reference_id": "USN-7086-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7086-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192000?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192001?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@134.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@134.0" } ], "aliases": [ "CVE-2024-10463" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-34s2-6xpa-gfcw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/778?format=api", "vulnerability_id": "VCID-3fcq-bsy8-gbgd", "summary": "When segmenting specially crafted text, segmentation would corrupt memory leading to a potentially exploitable crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0241.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0241.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0241", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27368", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27418", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0241" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0241", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0241" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336168", "reference_id": "2336168", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336168" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202509-02", "reference_id": "GLSA-202509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01", "reference_id": "mfsa2025-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-01/", "reference_id": "mfsa2025-01", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-08T17:27:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-02", "reference_id": "mfsa2025-02", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-02" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-02/", "reference_id": "mfsa2025-02", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-08T17:27:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-02/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-04", "reference_id": "mfsa2025-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-04/", "reference_id": "mfsa2025-04", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-08T17:27:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-04/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-05", "reference_id": "mfsa2025-05", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-05/", "reference_id": "mfsa2025-05", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-08T17:27:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-05/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0080", "reference_id": "RHSA-2025:0080", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0080" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0132", "reference_id": "RHSA-2025:0132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0133", "reference_id": "RHSA-2025:0133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0134", "reference_id": "RHSA-2025:0134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0135", "reference_id": "RHSA-2025:0135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0136", "reference_id": "RHSA-2025:0136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0137", "reference_id": "RHSA-2025:0137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0138", "reference_id": "RHSA-2025:0138", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0138" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0144", "reference_id": "RHSA-2025:0144", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0144" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0147", "reference_id": "RHSA-2025:0147", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0147" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0162", "reference_id": "RHSA-2025:0162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0165", "reference_id": "RHSA-2025:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0166", "reference_id": "RHSA-2025:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0167", "reference_id": "RHSA-2025:0167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0275", "reference_id": "RHSA-2025:0275", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0275" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0281", "reference_id": "RHSA-2025:0281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0284", "reference_id": "RHSA-2025:0284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0286", "reference_id": "RHSA-2025:0286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0287", "reference_id": "RHSA-2025:0287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0287" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1933023", "reference_id": "show_bug.cgi?id=1933023", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-01-08T17:27:29Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1933023" }, { "reference_url": "https://usn.ubuntu.com/7191-1/", "reference_id": "USN-7191-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7191-1/" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192000?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192001?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@134.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@134.0" } ], "aliases": [ "CVE-2025-0241" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3fcq-bsy8-gbgd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78?format=api", "vulnerability_id": "VCID-3g2k-au3t-a7c9", "summary": "Enhanced Tracking Protection's Strict mode may have inadvertently allowed a CSP `frame-src` bypass and DOM-based XSS through the Google SafeFrame shim in the Web Compatibility extension. This issue could have exposed users to malicious frames masquerading as legitimate content.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11694.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11694.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11694", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.352", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.35185", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11694" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11694", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11694" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328941", "reference_id": "2328941", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328941" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202509-02", "reference_id": "GLSA-202509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-63", "reference_id": "mfsa2024-63", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-63" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-63/", "reference_id": "mfsa2024-63", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:37:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-63/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-64", "reference_id": "mfsa2024-64", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-64" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-64/", "reference_id": "mfsa2024-64", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:37:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-64/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-65", "reference_id": "mfsa2024-65", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-65" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-65/", "reference_id": "mfsa2024-65", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:37:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-65/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-67", "reference_id": "mfsa2024-67", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-67" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-67/", "reference_id": "mfsa2024-67", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:37:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-67/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-68", "reference_id": "mfsa2024-68", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-68" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-68/", "reference_id": "mfsa2024-68", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:37:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-68/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-70", "reference_id": "mfsa2024-70", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-70" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-70/", "reference_id": "mfsa2024-70", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:37:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-70/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10591", "reference_id": "RHSA-2024:10591", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10591" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10592", "reference_id": "RHSA-2024:10592", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10592" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10667", "reference_id": "RHSA-2024:10667", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10667" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10702", "reference_id": "RHSA-2024:10702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10703", "reference_id": "RHSA-2024:10703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10704", "reference_id": "RHSA-2024:10704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10710", "reference_id": "RHSA-2024:10710", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10710" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10733", "reference_id": "RHSA-2024:10733", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10733" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10734", "reference_id": "RHSA-2024:10734", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10734" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10742", "reference_id": "RHSA-2024:10742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10743", "reference_id": "RHSA-2024:10743", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10743" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10745", "reference_id": "RHSA-2024:10745", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10745" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10748", "reference_id": "RHSA-2024:10748", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10748" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10752", "reference_id": "RHSA-2024:10752", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10752" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10844", "reference_id": "RHSA-2024:10844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10848", "reference_id": "RHSA-2024:10848", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10848" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10849", "reference_id": "RHSA-2024:10849", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10849" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10880", "reference_id": "RHSA-2024:10880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10881", "reference_id": "RHSA-2024:10881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:18479", "reference_id": "RHSA-2026:18479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:18479" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1924167", "reference_id": "show_bug.cgi?id=1924167", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:37:03Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1924167" }, { "reference_url": "https://usn.ubuntu.com/7134-1/", "reference_id": "USN-7134-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7134-1/" }, { "reference_url": "https://usn.ubuntu.com/7193-1/", "reference_id": "USN-7193-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7193-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192000?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192001?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@134.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@134.0" } ], "aliases": [ "CVE-2024-11694" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3g2k-au3t-a7c9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74?format=api", "vulnerability_id": "VCID-4grd-ngdg-aqft", "summary": "An attacker could cause a select dropdown to be shown over another tab; this could have led to user confusion and possible spoofing attacks.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11692.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11692.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11692", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24218", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24235", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11692" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11692", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11692" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328946", "reference_id": "2328946", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328946" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202509-02", "reference_id": "GLSA-202509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-63", "reference_id": "mfsa2024-63", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-63" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-63/", "reference_id": "mfsa2024-63", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:45:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-63/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-64", "reference_id": "mfsa2024-64", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-64" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-64/", "reference_id": "mfsa2024-64", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:45:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-64/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-67", "reference_id": "mfsa2024-67", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-67" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-67/", "reference_id": "mfsa2024-67", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:45:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-67/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-68", "reference_id": "mfsa2024-68", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-68" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-68/", "reference_id": "mfsa2024-68", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:45:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-68/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10591", "reference_id": "RHSA-2024:10591", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10591" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10592", "reference_id": "RHSA-2024:10592", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10592" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10667", "reference_id": "RHSA-2024:10667", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10667" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10702", "reference_id": "RHSA-2024:10702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10703", "reference_id": "RHSA-2024:10703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10704", "reference_id": "RHSA-2024:10704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10710", "reference_id": "RHSA-2024:10710", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10710" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10733", "reference_id": "RHSA-2024:10733", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10733" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10734", "reference_id": "RHSA-2024:10734", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10734" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10742", "reference_id": "RHSA-2024:10742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10743", "reference_id": "RHSA-2024:10743", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10743" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10745", "reference_id": "RHSA-2024:10745", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10745" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10748", "reference_id": "RHSA-2024:10748", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10748" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10752", "reference_id": "RHSA-2024:10752", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10752" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10844", "reference_id": "RHSA-2024:10844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10848", "reference_id": "RHSA-2024:10848", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10848" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10849", "reference_id": "RHSA-2024:10849", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10849" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10880", "reference_id": "RHSA-2024:10880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10881", "reference_id": "RHSA-2024:10881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:18479", "reference_id": "RHSA-2026:18479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:18479" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1909535", "reference_id": "show_bug.cgi?id=1909535", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:45:17Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1909535" }, { "reference_url": "https://usn.ubuntu.com/7134-1/", "reference_id": "USN-7134-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7134-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192000?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192001?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@134.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@134.0" } ], "aliases": [ "CVE-2024-11692" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4grd-ngdg-aqft" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/776?format=api", "vulnerability_id": "VCID-5dd5-q773-jkbj", "summary": "When using Alt-Svc, ALPN did not properly validate certificates when the original server is redirecting to an insecure site.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0239.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0239.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0239", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.09206", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.09187", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0239" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0239", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0239" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336170", "reference_id": "2336170", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336170" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202509-02", "reference_id": "GLSA-202509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01", "reference_id": "mfsa2025-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-01/", "reference_id": "mfsa2025-01", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:33:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-02", "reference_id": "mfsa2025-02", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-02" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-02/", "reference_id": "mfsa2025-02", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:33:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-02/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-04", "reference_id": "mfsa2025-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-04/", "reference_id": "mfsa2025-04", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:33:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-04/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-05", "reference_id": "mfsa2025-05", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-05/", "reference_id": "mfsa2025-05", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:33:42Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-05/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0080", "reference_id": "RHSA-2025:0080", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0080" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0132", "reference_id": "RHSA-2025:0132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0133", "reference_id": "RHSA-2025:0133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0134", "reference_id": "RHSA-2025:0134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0135", "reference_id": "RHSA-2025:0135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0136", "reference_id": "RHSA-2025:0136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0137", "reference_id": "RHSA-2025:0137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0138", "reference_id": "RHSA-2025:0138", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0138" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0144", "reference_id": "RHSA-2025:0144", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0144" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0147", "reference_id": "RHSA-2025:0147", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0147" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0162", "reference_id": "RHSA-2025:0162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0165", "reference_id": "RHSA-2025:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0166", "reference_id": "RHSA-2025:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0167", "reference_id": "RHSA-2025:0167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0275", "reference_id": "RHSA-2025:0275", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0275" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0281", "reference_id": "RHSA-2025:0281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0284", "reference_id": "RHSA-2025:0284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0286", "reference_id": "RHSA-2025:0286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0287", "reference_id": "RHSA-2025:0287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0287" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1929156", "reference_id": "show_bug.cgi?id=1929156", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:33:42Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1929156" }, { "reference_url": "https://usn.ubuntu.com/7191-1/", "reference_id": "USN-7191-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7191-1/" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192000?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192001?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@134.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@134.0" } ], "aliases": [ "CVE-2025-0239" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5dd5-q773-jkbj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/775?format=api", "vulnerability_id": "VCID-5pnd-9999-mfdj", "summary": "Assuming a controlled failed memory allocation, an attacker could have caused a use-after-free, leading to a potentially exploitable crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0238.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0238.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0238", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00159", "scoring_system": "epss", "scoring_elements": "0.36589", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00159", "scoring_system": "epss", "scoring_elements": "0.36598", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0238" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0238", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0238" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336165", "reference_id": "2336165", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336165" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202509-02", "reference_id": "GLSA-202509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01", "reference_id": "mfsa2025-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-01/", "reference_id": "mfsa2025-01", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:24:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-02", "reference_id": "mfsa2025-02", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-02" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-02/", "reference_id": "mfsa2025-02", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:24:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-02/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-03", "reference_id": "mfsa2025-03", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-03" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-03/", "reference_id": "mfsa2025-03", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:24:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-03/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-04", "reference_id": "mfsa2025-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-04/", "reference_id": "mfsa2025-04", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:24:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-04/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-05", "reference_id": "mfsa2025-05", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-05/", "reference_id": "mfsa2025-05", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:24:00Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-05/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0080", "reference_id": "RHSA-2025:0080", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0080" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0132", "reference_id": "RHSA-2025:0132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0133", "reference_id": "RHSA-2025:0133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0134", "reference_id": "RHSA-2025:0134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0135", "reference_id": "RHSA-2025:0135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0136", "reference_id": "RHSA-2025:0136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0137", "reference_id": "RHSA-2025:0137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0138", "reference_id": "RHSA-2025:0138", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0138" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0144", "reference_id": "RHSA-2025:0144", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0144" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0147", "reference_id": "RHSA-2025:0147", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0147" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0162", "reference_id": "RHSA-2025:0162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0165", "reference_id": "RHSA-2025:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0166", "reference_id": "RHSA-2025:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0167", "reference_id": "RHSA-2025:0167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0275", "reference_id": "RHSA-2025:0275", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0275" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0281", "reference_id": "RHSA-2025:0281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0284", "reference_id": "RHSA-2025:0284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0286", "reference_id": "RHSA-2025:0286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0287", "reference_id": "RHSA-2025:0287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0287" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1915535", "reference_id": "show_bug.cgi?id=1915535", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:24:00Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1915535" }, { "reference_url": "https://usn.ubuntu.com/7191-1/", "reference_id": "USN-7191-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7191-1/" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192000?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192001?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@134.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@134.0" } ], "aliases": [ "CVE-2025-0238" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5pnd-9999-mfdj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79?format=api", "vulnerability_id": "VCID-5tzy-vsqt-rqf2", "summary": "A crafted URL containing Arabic script and whitespace characters could have hidden the true origin of the page, resulting in a potential spoofing attack.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11695.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11695.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11695", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37641", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37638", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11695" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11695", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11695" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328948", "reference_id": "2328948", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328948" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202509-02", "reference_id": "GLSA-202509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-63", "reference_id": "mfsa2024-63", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-63" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-63/", "reference_id": "mfsa2024-63", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:43:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-63/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-64", "reference_id": "mfsa2024-64", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-64" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-64/", "reference_id": "mfsa2024-64", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:43:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-64/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-67", "reference_id": "mfsa2024-67", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-67" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-67/", "reference_id": "mfsa2024-67", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:43:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-67/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-68", "reference_id": "mfsa2024-68", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-68" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-68/", "reference_id": "mfsa2024-68", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:43:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-68/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10591", "reference_id": "RHSA-2024:10591", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10591" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10592", "reference_id": "RHSA-2024:10592", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10592" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10667", "reference_id": "RHSA-2024:10667", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10667" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10702", "reference_id": "RHSA-2024:10702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10703", "reference_id": "RHSA-2024:10703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10704", "reference_id": "RHSA-2024:10704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10710", "reference_id": "RHSA-2024:10710", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10710" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10733", "reference_id": "RHSA-2024:10733", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10733" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10734", "reference_id": "RHSA-2024:10734", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10734" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10742", "reference_id": "RHSA-2024:10742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10743", "reference_id": "RHSA-2024:10743", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10743" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10745", "reference_id": "RHSA-2024:10745", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10745" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10748", "reference_id": "RHSA-2024:10748", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10748" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10752", "reference_id": "RHSA-2024:10752", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10752" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10844", "reference_id": "RHSA-2024:10844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10848", "reference_id": "RHSA-2024:10848", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10848" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10849", "reference_id": "RHSA-2024:10849", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10849" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10880", "reference_id": "RHSA-2024:10880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10881", "reference_id": "RHSA-2024:10881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:18479", "reference_id": "RHSA-2026:18479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:18479" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1925496", "reference_id": "show_bug.cgi?id=1925496", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:43:59Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1925496" }, { "reference_url": "https://usn.ubuntu.com/7134-1/", "reference_id": "USN-7134-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7134-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192000?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192001?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@134.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@134.0" } ], "aliases": [ "CVE-2024-11695" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5tzy-vsqt-rqf2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107?format=api", "vulnerability_id": "VCID-7hxe-s6yn-s7aa", "summary": "In multipart/x-mixed-replace responses, Content-Disposition: attachment in the response header was not respected and did not force a download, which could allow XSS attacks.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10461.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10461.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10461", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00944", "scoring_system": "epss", "scoring_elements": "0.76696", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00944", "scoring_system": "epss", "scoring_elements": "0.7669", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10461" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10461", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10461" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322425", "reference_id": "2322425", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322425" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-08", "reference_id": "GLSA-202505-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-55", "reference_id": "mfsa2024-55", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-55" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-55/", "reference_id": "mfsa2024-55", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:04:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-55/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-56", "reference_id": "mfsa2024-56", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-56" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-56/", "reference_id": "mfsa2024-56", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:04:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-56/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-58", "reference_id": "mfsa2024-58", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-58" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-58/", "reference_id": "mfsa2024-58", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:04:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-58/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-59", "reference_id": "mfsa2024-59", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-59" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-59/", "reference_id": "mfsa2024-59", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:04:49Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-59/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8720", "reference_id": "RHSA-2024:8720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8721", "reference_id": "RHSA-2024:8721", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8721" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8722", "reference_id": "RHSA-2024:8722", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8722" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8723", "reference_id": "RHSA-2024:8723", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8723" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8724", "reference_id": "RHSA-2024:8724", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8724" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8725", "reference_id": "RHSA-2024:8725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8726", "reference_id": "RHSA-2024:8726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8727", "reference_id": "RHSA-2024:8727", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8727" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8728", "reference_id": "RHSA-2024:8728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8729", "reference_id": "RHSA-2024:8729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8790", "reference_id": "RHSA-2024:8790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8793", "reference_id": "RHSA-2024:8793", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8793" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9015", "reference_id": "RHSA-2024:9015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9016", "reference_id": "RHSA-2024:9016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9017", "reference_id": "RHSA-2024:9017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9018", "reference_id": "RHSA-2024:9018", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9018" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9019", "reference_id": "RHSA-2024:9019", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9019" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9552", "reference_id": "RHSA-2024:9552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9554", "reference_id": "RHSA-2024:9554", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9554" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1914521", "reference_id": "show_bug.cgi?id=1914521", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:04:49Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1914521" }, { "reference_url": "https://usn.ubuntu.com/7086-1/", "reference_id": "USN-7086-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7086-1/" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192000?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192001?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@134.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@134.0" } ], "aliases": [ "CVE-2024-10461" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7hxe-s6yn-s7aa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75?format=api", "vulnerability_id": "VCID-82rh-fczp-kfbb", "summary": "The incorrect domain may have been displayed in the address bar during an interrupted navigation attempt. This could have led to user confusion and possible spoofing attacks.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11701.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11701.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11701", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40388", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40385", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11701" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328945", "reference_id": "2328945", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328945" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202509-02", "reference_id": "GLSA-202509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-63", "reference_id": "mfsa2024-63", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-63" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-63/", "reference_id": "mfsa2024-63", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:41:32Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-63/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-67", "reference_id": "mfsa2024-67", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-67" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-67/", "reference_id": "mfsa2024-67", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:41:32Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-67/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1914797", "reference_id": "show_bug.cgi?id=1914797", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:41:32Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1914797" }, { "reference_url": "https://usn.ubuntu.com/7134-1/", "reference_id": "USN-7134-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7134-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192000?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192001?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@134.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@134.0" } ], "aliases": [ "CVE-2024-11701" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-82rh-fczp-kfbb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/73?format=api", "vulnerability_id": "VCID-abf1-a6jn-6bfv", "summary": "Malicious websites may have been able to perform user intent confirmation through tapjacking. This could have led to users unknowingly approving the launch of external applications, potentially exposing them to underlying vulnerabilities.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11700.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11700.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11700", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00266", "scoring_system": "epss", "scoring_elements": "0.50394", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00266", "scoring_system": "epss", "scoring_elements": "0.50386", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11700" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328938", "reference_id": "2328938", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328938" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202509-02", "reference_id": "GLSA-202509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-63", "reference_id": "mfsa2024-63", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-63" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-63/", "reference_id": "mfsa2024-63", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:50:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-63/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-67", "reference_id": "mfsa2024-67", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-67" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-67/", "reference_id": "mfsa2024-67", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:50:18Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-67/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1836921", "reference_id": "show_bug.cgi?id=1836921", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:50:18Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1836921" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192000?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192001?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@134.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@134.0" } ], "aliases": [ "CVE-2024-11700" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-abf1-a6jn-6bfv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/774?format=api", "vulnerability_id": "VCID-cz8m-883z-xqg8", "summary": "The WebChannel API, which is used to transport various information across processes, did not check the sending principal but rather accepted the principal being sent. This could have led to privilege escalation attacks.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0237.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0237.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0237", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.36955", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.36949", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0237" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0237", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0237" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336182", "reference_id": "2336182", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336182" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202509-02", "reference_id": "GLSA-202509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01", "reference_id": "mfsa2025-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-01/", "reference_id": "mfsa2025-01", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T15:57:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-02", "reference_id": "mfsa2025-02", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-02" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-02/", "reference_id": "mfsa2025-02", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T15:57:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-02/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-04", "reference_id": "mfsa2025-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-04/", "reference_id": "mfsa2025-04", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T15:57:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-04/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-05", "reference_id": "mfsa2025-05", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-05/", "reference_id": "mfsa2025-05", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T15:57:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-05/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0080", "reference_id": "RHSA-2025:0080", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0080" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0132", "reference_id": "RHSA-2025:0132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0133", "reference_id": "RHSA-2025:0133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0134", "reference_id": "RHSA-2025:0134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0135", "reference_id": "RHSA-2025:0135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0136", "reference_id": "RHSA-2025:0136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0137", "reference_id": "RHSA-2025:0137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0138", "reference_id": "RHSA-2025:0138", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0138" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0144", "reference_id": "RHSA-2025:0144", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0144" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0147", "reference_id": "RHSA-2025:0147", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0147" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0162", "reference_id": "RHSA-2025:0162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0165", "reference_id": "RHSA-2025:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0166", "reference_id": "RHSA-2025:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0167", "reference_id": "RHSA-2025:0167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0275", "reference_id": "RHSA-2025:0275", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0275" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0281", "reference_id": "RHSA-2025:0281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0284", "reference_id": "RHSA-2025:0284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0286", "reference_id": "RHSA-2025:0286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0287", "reference_id": "RHSA-2025:0287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0287" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1915257", "reference_id": "show_bug.cgi?id=1915257", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T15:57:56Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1915257" }, { "reference_url": "https://usn.ubuntu.com/7191-1/", "reference_id": "USN-7191-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7191-1/" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192000?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192001?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@134.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@134.0" } ], "aliases": [ "CVE-2025-0237" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cz8m-883z-xqg8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/104?format=api", "vulnerability_id": "VCID-fqnp-zeze-yfcj", "summary": "A permission leak could have occurred from a trusted site to an untrusted site via embed or object elements.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10458.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10458.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10458", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00456", "scoring_system": "epss", "scoring_elements": "0.64262", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00456", "scoring_system": "epss", "scoring_elements": "0.64254", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10458" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10458", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10458" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322428", "reference_id": "2322428", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322428" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-08", "reference_id": "GLSA-202505-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-55", "reference_id": "mfsa2024-55", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-55" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-55/", "reference_id": "mfsa2024-55", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:43:41Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-55/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-56", "reference_id": "mfsa2024-56", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-56" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-56/", "reference_id": "mfsa2024-56", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:43:41Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-56/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-57", "reference_id": "mfsa2024-57", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-57" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-57/", "reference_id": "mfsa2024-57", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:43:41Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-57/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-58", "reference_id": "mfsa2024-58", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-58" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-58/", "reference_id": "mfsa2024-58", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:43:41Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-58/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-59", "reference_id": "mfsa2024-59", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-59" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-59/", "reference_id": "mfsa2024-59", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:43:41Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-59/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8720", "reference_id": "RHSA-2024:8720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8721", "reference_id": "RHSA-2024:8721", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8721" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8722", "reference_id": "RHSA-2024:8722", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8722" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8723", "reference_id": "RHSA-2024:8723", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8723" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8724", "reference_id": "RHSA-2024:8724", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8724" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8725", "reference_id": "RHSA-2024:8725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8726", "reference_id": "RHSA-2024:8726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8727", "reference_id": "RHSA-2024:8727", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8727" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8728", "reference_id": "RHSA-2024:8728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8729", "reference_id": "RHSA-2024:8729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8790", "reference_id": "RHSA-2024:8790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8793", "reference_id": "RHSA-2024:8793", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8793" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9015", "reference_id": "RHSA-2024:9015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9016", "reference_id": "RHSA-2024:9016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9017", "reference_id": "RHSA-2024:9017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9018", "reference_id": "RHSA-2024:9018", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9018" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9019", "reference_id": "RHSA-2024:9019", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9019" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9552", "reference_id": "RHSA-2024:9552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9554", "reference_id": "RHSA-2024:9554", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9554" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1921733", "reference_id": "show_bug.cgi?id=1921733", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:43:41Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1921733" }, { "reference_url": "https://usn.ubuntu.com/7086-1/", "reference_id": "USN-7086-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7086-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192000?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192001?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@134.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@134.0" } ], "aliases": [ "CVE-2024-10458" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fqnp-zeze-yfcj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84?format=api", "vulnerability_id": "VCID-ge76-ck6b-tyc2", "summary": "NSC_DeriveKey inadvertently assumed that the phKey parameter is always non-NULL. When it was passed as NULL, a segmentation fault (SEGV) occurred, leading to crashes. This behavior conflicted with the PKCS#11 v3.0 specification, which allows phKey to be NULL for certain mechanisms.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11705.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11705.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11705", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.49299", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.49288", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11705" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328955", "reference_id": "2328955", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328955" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202509-02", "reference_id": "GLSA-202509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-63", "reference_id": "mfsa2024-63", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-63" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-63/", "reference_id": "mfsa2024-63", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:11:54Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-63/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-67", "reference_id": "mfsa2024-67", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-67" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-67/", "reference_id": "mfsa2024-67", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:11:54Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-67/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1921768", "reference_id": "show_bug.cgi?id=1921768", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:11:54Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1921768" }, { "reference_url": "https://usn.ubuntu.com/7134-1/", "reference_id": "USN-7134-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7134-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192000?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192001?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@134.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@134.0" } ], "aliases": [ "CVE-2024-11705" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ge76-ck6b-tyc2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/111?format=api", "vulnerability_id": "VCID-ks9t-n26j-cqg2", "summary": "Repeated writes to history interface attributes could have been used to cause a Denial of Service condition in the browser. This was addressed by introducing rate-limiting to this API.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10464.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10464.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10464", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.67319", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.67312", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10464" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10464", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10464" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322424", "reference_id": "2322424", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322424" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-08", "reference_id": "GLSA-202505-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-55", "reference_id": "mfsa2024-55", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-55" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-55/", "reference_id": "mfsa2024-55", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:48:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-55/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-56", "reference_id": "mfsa2024-56", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-56" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-56/", "reference_id": "mfsa2024-56", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:48:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-56/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-58", "reference_id": "mfsa2024-58", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-58" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-58/", "reference_id": "mfsa2024-58", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:48:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-58/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-59", "reference_id": "mfsa2024-59", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-59" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-59/", "reference_id": "mfsa2024-59", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:48:10Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-59/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8720", "reference_id": "RHSA-2024:8720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8721", "reference_id": "RHSA-2024:8721", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8721" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8722", "reference_id": "RHSA-2024:8722", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8722" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8723", "reference_id": "RHSA-2024:8723", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8723" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8724", "reference_id": "RHSA-2024:8724", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8724" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8725", "reference_id": "RHSA-2024:8725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8726", "reference_id": "RHSA-2024:8726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8727", "reference_id": "RHSA-2024:8727", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8727" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8728", "reference_id": "RHSA-2024:8728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8729", "reference_id": "RHSA-2024:8729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8790", "reference_id": "RHSA-2024:8790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8793", "reference_id": "RHSA-2024:8793", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8793" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9015", "reference_id": "RHSA-2024:9015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9016", "reference_id": "RHSA-2024:9016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9017", "reference_id": "RHSA-2024:9017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9018", "reference_id": "RHSA-2024:9018", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9018" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9019", "reference_id": "RHSA-2024:9019", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9019" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9552", "reference_id": "RHSA-2024:9552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9554", "reference_id": "RHSA-2024:9554", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9554" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1913000", "reference_id": "show_bug.cgi?id=1913000", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:48:10Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1913000" }, { "reference_url": "https://usn.ubuntu.com/7086-1/", "reference_id": "USN-7086-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7086-1/" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192000?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192001?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@134.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@134.0" } ], "aliases": [ "CVE-2024-10464" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ks9t-n26j-cqg2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/86?format=api", "vulnerability_id": "VCID-ktem-v4wf-bfca", "summary": "Missing thread synchronization primitives could have led to a data race on members of the PlaybackParams structure.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11708.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11708.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11708", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.3928", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00179", "scoring_system": "epss", "scoring_elements": "0.39275", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11708" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328939", "reference_id": "2328939", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328939" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202509-02", "reference_id": "GLSA-202509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-63", "reference_id": "mfsa2024-63", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-63" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-63/", "reference_id": "mfsa2024-63", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:06:43Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-63/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-67", "reference_id": "mfsa2024-67", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-67" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-67/", "reference_id": "mfsa2024-67", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:06:43Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-67/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1922912", "reference_id": "show_bug.cgi?id=1922912", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:06:43Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1922912" }, { "reference_url": "https://usn.ubuntu.com/7134-1/", "reference_id": "USN-7134-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7134-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192000?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192001?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@134.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@134.0" } ], "aliases": [ "CVE-2024-11708" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ktem-v4wf-bfca" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/779?format=api", "vulnerability_id": "VCID-nca6-dfj3-1fa6", "summary": "Memory safety bugs present in Firefox 133, Thunderbird 133, Firefox ESR 115.18, Firefox ESR 128.5, Thunderbird 115.18, and Thunderbird 128.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0242.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0242.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0242", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02414", "scoring_system": "epss", "scoring_elements": "0.85416", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.02414", "scoring_system": "epss", "scoring_elements": "0.85411", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0242" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0242", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0242" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336181", "reference_id": "2336181", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336181" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1874523%2C1926454%2C1931873%2C1932169", "reference_id": "buglist.cgi?bug_id=1874523%2C1926454%2C1931873%2C1932169", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:40:52Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1874523%2C1926454%2C1931873%2C1932169" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202509-02", "reference_id": "GLSA-202509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01", "reference_id": "mfsa2025-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-01/", "reference_id": "mfsa2025-01", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:40:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-02", "reference_id": "mfsa2025-02", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-02" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-02/", "reference_id": "mfsa2025-02", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:40:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-02/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-03", "reference_id": "mfsa2025-03", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-03" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-03/", "reference_id": "mfsa2025-03", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:40:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-03/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-04", "reference_id": "mfsa2025-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-04/", "reference_id": "mfsa2025-04", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:40:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-04/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-05", "reference_id": "mfsa2025-05", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-05/", "reference_id": "mfsa2025-05", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:40:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-05/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0080", "reference_id": "RHSA-2025:0080", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0080" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0132", "reference_id": "RHSA-2025:0132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0133", "reference_id": "RHSA-2025:0133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0134", "reference_id": "RHSA-2025:0134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0135", "reference_id": "RHSA-2025:0135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0136", "reference_id": "RHSA-2025:0136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0137", "reference_id": "RHSA-2025:0137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0138", "reference_id": "RHSA-2025:0138", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0138" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0144", "reference_id": "RHSA-2025:0144", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0144" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0147", "reference_id": "RHSA-2025:0147", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0147" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0162", "reference_id": "RHSA-2025:0162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0165", "reference_id": "RHSA-2025:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0166", "reference_id": "RHSA-2025:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0167", "reference_id": "RHSA-2025:0167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0275", "reference_id": "RHSA-2025:0275", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0275" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0281", "reference_id": "RHSA-2025:0281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0284", "reference_id": "RHSA-2025:0284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0286", "reference_id": "RHSA-2025:0286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0287", "reference_id": "RHSA-2025:0287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0287" }, { "reference_url": "https://usn.ubuntu.com/7191-1/", "reference_id": "USN-7191-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7191-1/" }, { "reference_url": "https://usn.ubuntu.com/7663-1/", "reference_id": "USN-7663-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7663-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192000?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192001?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@134.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@134.0" } ], "aliases": [ "CVE-2025-0242" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nca6-dfj3-1fa6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/780?format=api", "vulnerability_id": "VCID-nmb9-5mgu-dqhe", "summary": "Memory safety bugs present in Firefox 133, Thunderbird 133, Firefox ESR 128.5, and Thunderbird 128.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0243.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0243.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0243", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12571", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12568", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0243" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0243", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0243" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336175", "reference_id": "2336175", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336175" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1827142%2C1932783", "reference_id": "buglist.cgi?bug_id=1827142%2C1932783", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:44:56Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1827142%2C1932783" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202509-02", "reference_id": "GLSA-202509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01", "reference_id": "mfsa2025-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-01/", "reference_id": "mfsa2025-01", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:44:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-02", "reference_id": "mfsa2025-02", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-02" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-02/", "reference_id": "mfsa2025-02", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:44:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-02/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-04", "reference_id": "mfsa2025-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-04/", "reference_id": "mfsa2025-04", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:44:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-04/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-05", "reference_id": "mfsa2025-05", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-05/", "reference_id": "mfsa2025-05", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T16:44:56Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-05/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0080", "reference_id": "RHSA-2025:0080", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0080" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0132", "reference_id": "RHSA-2025:0132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0133", "reference_id": "RHSA-2025:0133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0134", "reference_id": "RHSA-2025:0134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0135", "reference_id": "RHSA-2025:0135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0136", "reference_id": "RHSA-2025:0136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0137", "reference_id": "RHSA-2025:0137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0138", "reference_id": "RHSA-2025:0138", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0138" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0144", "reference_id": "RHSA-2025:0144", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0144" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0147", "reference_id": "RHSA-2025:0147", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0147" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0162", "reference_id": "RHSA-2025:0162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0165", "reference_id": "RHSA-2025:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0166", "reference_id": "RHSA-2025:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0167", "reference_id": "RHSA-2025:0167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0275", "reference_id": "RHSA-2025:0275", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0275" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0281", "reference_id": "RHSA-2025:0281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0284", "reference_id": "RHSA-2025:0284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0286", "reference_id": "RHSA-2025:0286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0287", "reference_id": "RHSA-2025:0287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0287" }, { "reference_url": "https://usn.ubuntu.com/7191-1/", "reference_id": "USN-7191-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7191-1/" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192000?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192001?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@134.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@134.0" } ], "aliases": [ "CVE-2025-0243" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nmb9-5mgu-dqhe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/105?format=api", "vulnerability_id": "VCID-p88y-3xt6-afan", "summary": "An attacker could have caused a use-after-free when accessibility was enabled, leading to a potentially exploitable crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10459.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10459.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10459", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0071", "scoring_system": "epss", "scoring_elements": "0.72669", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0071", "scoring_system": "epss", "scoring_elements": "0.72662", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10459" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10459", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10459" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322429", "reference_id": "2322429", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322429" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-08", "reference_id": "GLSA-202505-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-55", "reference_id": "mfsa2024-55", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-55" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-55/", "reference_id": "mfsa2024-55", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:42:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-55/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-56", "reference_id": "mfsa2024-56", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-56" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-56/", "reference_id": "mfsa2024-56", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:42:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-56/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-57", "reference_id": "mfsa2024-57", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-57" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-57/", "reference_id": "mfsa2024-57", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:42:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-57/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-58", "reference_id": "mfsa2024-58", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-58" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-58/", "reference_id": "mfsa2024-58", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:42:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-58/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-59", "reference_id": "mfsa2024-59", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-59" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-59/", "reference_id": "mfsa2024-59", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:42:29Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-59/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8720", "reference_id": "RHSA-2024:8720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8721", "reference_id": "RHSA-2024:8721", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8721" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8722", "reference_id": "RHSA-2024:8722", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8722" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8723", "reference_id": "RHSA-2024:8723", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8723" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8724", "reference_id": "RHSA-2024:8724", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8724" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8725", "reference_id": "RHSA-2024:8725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8726", "reference_id": "RHSA-2024:8726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8727", "reference_id": "RHSA-2024:8727", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8727" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8728", "reference_id": "RHSA-2024:8728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8729", "reference_id": "RHSA-2024:8729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8790", "reference_id": "RHSA-2024:8790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8793", "reference_id": "RHSA-2024:8793", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8793" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9015", "reference_id": "RHSA-2024:9015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9016", "reference_id": "RHSA-2024:9016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9017", "reference_id": "RHSA-2024:9017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9018", "reference_id": "RHSA-2024:9018", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9018" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9019", "reference_id": "RHSA-2024:9019", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9019" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9552", "reference_id": "RHSA-2024:9552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9554", "reference_id": "RHSA-2024:9554", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9554" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1919087", "reference_id": "show_bug.cgi?id=1919087", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:42:29Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1919087" }, { "reference_url": "https://usn.ubuntu.com/7086-1/", "reference_id": "USN-7086-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7086-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192000?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192001?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@134.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@134.0" } ], "aliases": [ "CVE-2024-10459" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p88y-3xt6-afan" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/114?format=api", "vulnerability_id": "VCID-qz54-4jzp-4yam", "summary": "Memory safety bugs present in Firefox 131, Firefox ESR 128.3, and Thunderbird 128.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10467.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10467.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10467", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00533", "scoring_system": "epss", "scoring_elements": "0.67721", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00533", "scoring_system": "epss", "scoring_elements": "0.67715", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10467" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10467", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10467" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322433", "reference_id": "2322433", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322433" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1829029%2C1888538%2C1900394%2C1904059%2C1917742%2C1919809%2C1923706", "reference_id": "buglist.cgi?bug_id=1829029%2C1888538%2C1900394%2C1904059%2C1917742%2C1919809%2C1923706", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T14:23:47Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1829029%2C1888538%2C1900394%2C1904059%2C1917742%2C1919809%2C1923706" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-08", "reference_id": "GLSA-202505-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-55", "reference_id": "mfsa2024-55", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-55" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-55/", "reference_id": "mfsa2024-55", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T14:23:47Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-55/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-56", "reference_id": "mfsa2024-56", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-56" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-56/", "reference_id": "mfsa2024-56", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T14:23:47Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-56/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-58", "reference_id": "mfsa2024-58", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-58" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-58/", "reference_id": "mfsa2024-58", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T14:23:47Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-58/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-59", "reference_id": "mfsa2024-59", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-59" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-59/", "reference_id": "mfsa2024-59", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T14:23:47Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-59/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8720", "reference_id": "RHSA-2024:8720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8721", "reference_id": "RHSA-2024:8721", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8721" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8722", "reference_id": "RHSA-2024:8722", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8722" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8723", "reference_id": "RHSA-2024:8723", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8723" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8724", "reference_id": "RHSA-2024:8724", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8724" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8725", "reference_id": "RHSA-2024:8725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8726", "reference_id": "RHSA-2024:8726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8727", "reference_id": "RHSA-2024:8727", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8727" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8728", "reference_id": "RHSA-2024:8728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8729", "reference_id": "RHSA-2024:8729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8790", "reference_id": "RHSA-2024:8790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8793", "reference_id": "RHSA-2024:8793", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8793" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9015", "reference_id": "RHSA-2024:9015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9016", "reference_id": "RHSA-2024:9016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9017", "reference_id": "RHSA-2024:9017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9018", "reference_id": "RHSA-2024:9018", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9018" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9019", "reference_id": "RHSA-2024:9019", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9019" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9552", "reference_id": "RHSA-2024:9552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9554", "reference_id": "RHSA-2024:9554", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9554" }, { "reference_url": "https://usn.ubuntu.com/7086-1/", "reference_id": "USN-7086-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7086-1/" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192000?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192001?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@134.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@134.0" } ], "aliases": [ "CVE-2024-10467" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qz54-4jzp-4yam" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81?format=api", "vulnerability_id": "VCID-r67t-hasn-nqda", "summary": "When handling keypress events, an attacker may have been able to trick a user into bypassing the \"Open Executable File?\" confirmation dialog. This could have led to malicious code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11697.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11697.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11697", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25676", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25685", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11697" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11697", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11697" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328950", "reference_id": "2328950", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328950" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202509-02", "reference_id": "GLSA-202509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-63", "reference_id": "mfsa2024-63", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-63" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-63/", "reference_id": "mfsa2024-63", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:26:51Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-63/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-64", "reference_id": "mfsa2024-64", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-64" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-64/", "reference_id": "mfsa2024-64", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:26:51Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-64/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-67", "reference_id": "mfsa2024-67", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-67" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-67/", "reference_id": "mfsa2024-67", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:26:51Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-67/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-68", "reference_id": "mfsa2024-68", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-68" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-68/", "reference_id": "mfsa2024-68", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:26:51Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-68/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10591", "reference_id": "RHSA-2024:10591", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10591" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10592", "reference_id": "RHSA-2024:10592", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10592" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10667", "reference_id": "RHSA-2024:10667", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10667" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10702", "reference_id": "RHSA-2024:10702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10703", "reference_id": "RHSA-2024:10703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10704", "reference_id": "RHSA-2024:10704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10710", "reference_id": "RHSA-2024:10710", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10710" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10733", "reference_id": "RHSA-2024:10733", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10733" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10734", "reference_id": "RHSA-2024:10734", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10734" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10742", "reference_id": "RHSA-2024:10742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10743", "reference_id": "RHSA-2024:10743", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10743" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10745", "reference_id": "RHSA-2024:10745", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10745" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10748", "reference_id": "RHSA-2024:10748", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10748" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10752", "reference_id": "RHSA-2024:10752", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10752" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10844", "reference_id": "RHSA-2024:10844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10848", "reference_id": "RHSA-2024:10848", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10848" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10849", "reference_id": "RHSA-2024:10849", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10849" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10880", "reference_id": "RHSA-2024:10880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10881", "reference_id": "RHSA-2024:10881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:18479", "reference_id": "RHSA-2026:18479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:18479" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1842187", "reference_id": "show_bug.cgi?id=1842187", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:26:51Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1842187" }, { "reference_url": "https://usn.ubuntu.com/7134-1/", "reference_id": "USN-7134-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7134-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192000?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192001?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@134.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@134.0" } ], "aliases": [ "CVE-2024-11697" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r67t-hasn-nqda" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/108?format=api", "vulnerability_id": "VCID-t2ta-b79e-gbe8", "summary": "Truncation of a long URL could have allowed origin spoofing in a permission prompt.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10462.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10462.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10462", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66439", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66431", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10462" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10462", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10462" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322440", "reference_id": "2322440", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322440" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-08", "reference_id": "GLSA-202505-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-55", "reference_id": "mfsa2024-55", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-55" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-55/", "reference_id": "mfsa2024-55", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T15:00:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-55/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-56", "reference_id": "mfsa2024-56", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-56" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-56/", "reference_id": "mfsa2024-56", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T15:00:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-56/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-58", "reference_id": "mfsa2024-58", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-58" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-58/", "reference_id": "mfsa2024-58", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T15:00:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-58/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-59", "reference_id": "mfsa2024-59", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-59" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-59/", "reference_id": "mfsa2024-59", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T15:00:03Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-59/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8720", "reference_id": "RHSA-2024:8720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8721", "reference_id": "RHSA-2024:8721", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8721" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8722", "reference_id": "RHSA-2024:8722", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8722" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8723", "reference_id": "RHSA-2024:8723", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8723" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8724", "reference_id": "RHSA-2024:8724", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8724" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8725", "reference_id": "RHSA-2024:8725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8726", "reference_id": "RHSA-2024:8726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8727", "reference_id": "RHSA-2024:8727", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8727" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8728", "reference_id": "RHSA-2024:8728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8729", "reference_id": "RHSA-2024:8729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8790", "reference_id": "RHSA-2024:8790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8793", "reference_id": "RHSA-2024:8793", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8793" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9015", "reference_id": "RHSA-2024:9015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9016", "reference_id": "RHSA-2024:9016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9017", "reference_id": "RHSA-2024:9017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9018", "reference_id": "RHSA-2024:9018", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9018" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9019", "reference_id": "RHSA-2024:9019", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9019" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9552", "reference_id": "RHSA-2024:9552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9554", "reference_id": "RHSA-2024:9554", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9554" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1920423", "reference_id": "show_bug.cgi?id=1920423", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T15:00:03Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1920423" }, { "reference_url": "https://usn.ubuntu.com/7086-1/", "reference_id": "USN-7086-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7086-1/" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192000?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192001?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@134.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@134.0" } ], "aliases": [ "CVE-2024-10462" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t2ta-b79e-gbe8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/110?format=api", "vulnerability_id": "VCID-u9ew-bxs7-jqcn", "summary": "Potential race conditions in IndexedDB could have caused memory corruption, leading to a potentially exploitable crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10468.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10468.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10468", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00271", "scoring_system": "epss", "scoring_elements": "0.50771", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00271", "scoring_system": "epss", "scoring_elements": "0.50766", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10468" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322443", "reference_id": "2322443", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322443" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-08", "reference_id": "GLSA-202505-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-55", "reference_id": "mfsa2024-55", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-55" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-55/", "reference_id": "mfsa2024-55", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T14:16:38Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-55/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-59", "reference_id": "mfsa2024-59", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-59" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-59/", "reference_id": "mfsa2024-59", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T14:16:38Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-59/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1914982", "reference_id": "show_bug.cgi?id=1914982", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-29T14:16:38Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1914982" }, { "reference_url": "https://usn.ubuntu.com/7086-1/", "reference_id": "USN-7086-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7086-1/" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192000?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192001?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@134.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@134.0" } ], "aliases": [ "CVE-2024-10468" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u9ew-bxs7-jqcn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82?format=api", "vulnerability_id": "VCID-un91-2e6u-nkdy", "summary": "A double-free issue could have occurred in `sec_pkcs7_decoder_start_decrypt()` when handling an error path. Under specific conditions, the same symmetric key could have been freed twice, potentially leading to memory corruption.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11704.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11704.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11704", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00271", "scoring_system": "epss", "scoring_elements": "0.50823", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00271", "scoring_system": "epss", "scoring_elements": "0.50818", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11704" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11704", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11704" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328942", "reference_id": "2328942", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328942" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202509-02", "reference_id": "GLSA-202509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-63", "reference_id": "mfsa2024-63", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-63" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-63/", "reference_id": "mfsa2024-63", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:21:47Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-63/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-67", "reference_id": "mfsa2024-67", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-67" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-67/", "reference_id": "mfsa2024-67", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:21:47Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-67/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-09", "reference_id": "mfsa2025-09", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-09" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-09/", "reference_id": "mfsa2025-09", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:21:47Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-09/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-10", "reference_id": "mfsa2025-10", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-10" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-10/", "reference_id": "mfsa2025-10", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:21:47Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-10/" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1899402", "reference_id": "show_bug.cgi?id=1899402", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:21:47Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1899402" }, { "reference_url": "https://usn.ubuntu.com/7134-1/", "reference_id": "USN-7134-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7134-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192000?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192001?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@134.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@134.0" } ], "aliases": [ "CVE-2024-11704" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-un91-2e6u-nkdy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/113?format=api", "vulnerability_id": "VCID-vrkn-6p96-ykft", "summary": "By sending a specially crafted push message, a remote server could have hung the parent process, causing the browser to become unresponsive.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10466.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10466.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10466", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00669", "scoring_system": "epss", "scoring_elements": "0.71778", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00669", "scoring_system": "epss", "scoring_elements": "0.71772", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10466" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10466", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10466" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322438", "reference_id": "2322438", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322438" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-08", "reference_id": "GLSA-202505-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-55", "reference_id": "mfsa2024-55", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-55" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-55/", "reference_id": "mfsa2024-55", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:30:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-55/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-56", "reference_id": "mfsa2024-56", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-56" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-56/", "reference_id": "mfsa2024-56", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:30:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-56/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-58", "reference_id": "mfsa2024-58", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-58" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-58/", "reference_id": "mfsa2024-58", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:30:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-58/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-59", "reference_id": "mfsa2024-59", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-59" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-59/", "reference_id": "mfsa2024-59", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:30:57Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-59/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8720", "reference_id": "RHSA-2024:8720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8721", "reference_id": "RHSA-2024:8721", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8721" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8722", "reference_id": "RHSA-2024:8722", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8722" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8723", "reference_id": "RHSA-2024:8723", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8723" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8724", "reference_id": "RHSA-2024:8724", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8724" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8725", "reference_id": "RHSA-2024:8725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8726", "reference_id": "RHSA-2024:8726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8727", "reference_id": "RHSA-2024:8727", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8727" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8728", "reference_id": "RHSA-2024:8728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8729", "reference_id": "RHSA-2024:8729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8790", "reference_id": "RHSA-2024:8790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8793", "reference_id": "RHSA-2024:8793", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8793" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9015", "reference_id": "RHSA-2024:9015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9016", "reference_id": "RHSA-2024:9016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9017", "reference_id": "RHSA-2024:9017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9018", "reference_id": "RHSA-2024:9018", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9018" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9019", "reference_id": "RHSA-2024:9019", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9019" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9552", "reference_id": "RHSA-2024:9552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9554", "reference_id": "RHSA-2024:9554", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9554" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1924154", "reference_id": "show_bug.cgi?id=1924154", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:30:57Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1924154" }, { "reference_url": "https://usn.ubuntu.com/7086-1/", "reference_id": "USN-7086-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7086-1/" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192000?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192001?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@134.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@134.0" } ], "aliases": [ "CVE-2024-10466" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vrkn-6p96-ykft" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/106?format=api", "vulnerability_id": "VCID-w1uv-az6r-qqcu", "summary": "The origin of an external protocol handler prompt could have been obscured using a data: URL within an iframe.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10460.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10460.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10460", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00419", "scoring_system": "epss", "scoring_elements": "0.62262", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00419", "scoring_system": "epss", "scoring_elements": "0.62255", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10460" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10460", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10460" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322444", "reference_id": "2322444", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322444" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-08", "reference_id": "GLSA-202505-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-55", "reference_id": "mfsa2024-55", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-55" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-55/", "reference_id": "mfsa2024-55", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:40:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-55/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-56", "reference_id": "mfsa2024-56", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-56" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-56/", "reference_id": "mfsa2024-56", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:40:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-56/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-58", "reference_id": "mfsa2024-58", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-58" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-58/", "reference_id": "mfsa2024-58", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:40:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-58/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-59", "reference_id": "mfsa2024-59", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-59" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-59/", "reference_id": "mfsa2024-59", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:40:17Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-59/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8720", "reference_id": "RHSA-2024:8720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8721", "reference_id": "RHSA-2024:8721", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8721" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8722", "reference_id": "RHSA-2024:8722", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8722" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8723", "reference_id": "RHSA-2024:8723", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8723" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8724", "reference_id": "RHSA-2024:8724", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8724" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8725", "reference_id": "RHSA-2024:8725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8726", "reference_id": "RHSA-2024:8726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8727", "reference_id": "RHSA-2024:8727", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8727" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8728", "reference_id": "RHSA-2024:8728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8729", "reference_id": "RHSA-2024:8729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8790", "reference_id": "RHSA-2024:8790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8793", "reference_id": "RHSA-2024:8793", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8793" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9015", "reference_id": "RHSA-2024:9015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9016", "reference_id": "RHSA-2024:9016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9017", "reference_id": "RHSA-2024:9017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9018", "reference_id": "RHSA-2024:9018", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9018" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9019", "reference_id": "RHSA-2024:9019", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9019" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9552", "reference_id": "RHSA-2024:9552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9554", "reference_id": "RHSA-2024:9554", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9554" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1912537", "reference_id": "show_bug.cgi?id=1912537", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-31T17:40:17Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1912537" }, { "reference_url": "https://usn.ubuntu.com/7086-1/", "reference_id": "USN-7086-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7086-1/" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192000?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192001?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@134.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@134.0" } ], "aliases": [ "CVE-2024-10460" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w1uv-az6r-qqcu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80?format=api", "vulnerability_id": "VCID-wzux-r3fv-fyg9", "summary": "The application failed to account for exceptions thrown by the `loadManifestFromFile` method during add-on signature verification. This flaw, triggered by an invalid or unsupported extension manifest, could have caused runtime errors that disrupted the signature validation process. As a result, the enforcement of signature validation for unrelated add-ons may have been bypassed. Signature validation in this context is used to ensure that third-party applications on the user's computer have not tampered with the user's extensions, limiting the impact of this issue.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11696.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11696.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11696", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17846", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.1785", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11696" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11696", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11696" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328943", "reference_id": "2328943", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328943" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202509-02", "reference_id": "GLSA-202509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-63", "reference_id": "mfsa2024-63", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-63" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-63/", "reference_id": "mfsa2024-63", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-02T17:02:13Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-63/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-64", "reference_id": "mfsa2024-64", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-64" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-64/", "reference_id": "mfsa2024-64", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-02T17:02:13Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-64/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-67", "reference_id": "mfsa2024-67", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-67" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-67/", "reference_id": "mfsa2024-67", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-02T17:02:13Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-67/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-68", "reference_id": "mfsa2024-68", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-68" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-68/", "reference_id": "mfsa2024-68", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-02T17:02:13Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-68/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10591", "reference_id": "RHSA-2024:10591", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10591" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10592", "reference_id": "RHSA-2024:10592", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10592" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10667", "reference_id": "RHSA-2024:10667", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10667" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10702", "reference_id": "RHSA-2024:10702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10703", "reference_id": "RHSA-2024:10703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10704", "reference_id": "RHSA-2024:10704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10710", "reference_id": "RHSA-2024:10710", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10710" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10733", "reference_id": "RHSA-2024:10733", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10733" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10734", "reference_id": "RHSA-2024:10734", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10734" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10742", "reference_id": "RHSA-2024:10742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10743", "reference_id": "RHSA-2024:10743", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10743" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10745", "reference_id": "RHSA-2024:10745", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10745" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10748", "reference_id": "RHSA-2024:10748", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10748" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10752", "reference_id": "RHSA-2024:10752", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10752" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10844", "reference_id": "RHSA-2024:10844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10848", "reference_id": "RHSA-2024:10848", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10848" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10849", "reference_id": "RHSA-2024:10849", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10849" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10880", "reference_id": "RHSA-2024:10880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10881", "reference_id": "RHSA-2024:10881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:18479", "reference_id": "RHSA-2026:18479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:18479" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1929600", "reference_id": "show_bug.cgi?id=1929600", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-02T17:02:13Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1929600" }, { "reference_url": "https://usn.ubuntu.com/7134-1/", "reference_id": "USN-7134-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7134-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192000?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192001?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@134.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@134.0" } ], "aliases": [ "CVE-2024-11696" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wzux-r3fv-fyg9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/777?format=api", "vulnerability_id": "VCID-xney-87gm-53g3", "summary": "Parsing a JavaScript module as JSON could under some circumstances cause cross-compartment access, which may result in a use-after-free.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0240.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0240.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0240", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.15359", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.15349", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0240" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0240", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0240" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336188", "reference_id": "2336188", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336188" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202509-02", "reference_id": "GLSA-202509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01", "reference_id": "mfsa2025-01", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-01" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-01/", "reference_id": "mfsa2025-01", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:36:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-01/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-02", "reference_id": "mfsa2025-02", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-02" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-02/", "reference_id": "mfsa2025-02", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:36:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-02/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-04", "reference_id": "mfsa2025-04", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-04" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-04/", "reference_id": "mfsa2025-04", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:36:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-04/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-05", "reference_id": "mfsa2025-05", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-05" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2025-05/", "reference_id": "mfsa2025-05", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:36:55Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2025-05/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0080", "reference_id": "RHSA-2025:0080", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0080" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0132", "reference_id": "RHSA-2025:0132", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0132" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0133", "reference_id": "RHSA-2025:0133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0134", "reference_id": "RHSA-2025:0134", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0134" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0135", "reference_id": "RHSA-2025:0135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0136", "reference_id": "RHSA-2025:0136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0137", "reference_id": "RHSA-2025:0137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0138", "reference_id": "RHSA-2025:0138", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0138" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0144", "reference_id": "RHSA-2025:0144", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0144" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0147", "reference_id": "RHSA-2025:0147", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0147" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0162", "reference_id": "RHSA-2025:0162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0165", "reference_id": "RHSA-2025:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0166", "reference_id": "RHSA-2025:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0167", "reference_id": "RHSA-2025:0167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0275", "reference_id": "RHSA-2025:0275", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0275" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0281", "reference_id": "RHSA-2025:0281", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0281" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0284", "reference_id": "RHSA-2025:0284", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0284" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0286", "reference_id": "RHSA-2025:0286", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0287", "reference_id": "RHSA-2025:0287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0287" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1929623", "reference_id": "show_bug.cgi?id=1929623", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T16:36:55Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1929623" }, { "reference_url": "https://usn.ubuntu.com/7191-1/", "reference_id": "USN-7191-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7191-1/" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192000?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192001?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@134.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@134.0" } ], "aliases": [ "CVE-2025-0240" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xney-87gm-53g3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/112?format=api", "vulnerability_id": "VCID-y4xw-cu5j-nbfc", "summary": "A clipboard \"paste\" button could persist across tabs which allowed a spoofing attack.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10465.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10465.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10465", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66439", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66431", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10465" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10465", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10465" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322434", "reference_id": "2322434", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322434" }, { "reference_url": "https://security.gentoo.org/glsa/202412-06", "reference_id": "GLSA-202412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-06" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-08", "reference_id": "GLSA-202505-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-55", "reference_id": "mfsa2024-55", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-55" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-55/", "reference_id": "mfsa2024-55", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:41:01Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-55/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-56", "reference_id": "mfsa2024-56", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-56" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-56/", "reference_id": "mfsa2024-56", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:41:01Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-56/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-58", "reference_id": "mfsa2024-58", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-58" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-58/", "reference_id": "mfsa2024-58", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:41:01Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-58/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-59", "reference_id": "mfsa2024-59", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-59" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-59/", "reference_id": "mfsa2024-59", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:41:01Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-59/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8720", "reference_id": "RHSA-2024:8720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8721", "reference_id": "RHSA-2024:8721", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8721" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8722", "reference_id": "RHSA-2024:8722", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8722" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8723", "reference_id": "RHSA-2024:8723", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8723" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8724", "reference_id": "RHSA-2024:8724", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8724" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8725", "reference_id": "RHSA-2024:8725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8726", "reference_id": "RHSA-2024:8726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8727", "reference_id": "RHSA-2024:8727", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8727" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8728", "reference_id": "RHSA-2024:8728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8729", "reference_id": "RHSA-2024:8729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8790", "reference_id": "RHSA-2024:8790", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8793", "reference_id": "RHSA-2024:8793", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8793" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9015", "reference_id": "RHSA-2024:9015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9016", "reference_id": "RHSA-2024:9016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9017", "reference_id": "RHSA-2024:9017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9018", "reference_id": "RHSA-2024:9018", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9018" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9019", "reference_id": "RHSA-2024:9019", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9019" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9552", "reference_id": "RHSA-2024:9552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9554", "reference_id": "RHSA-2024:9554", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9554" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1918853", "reference_id": "show_bug.cgi?id=1918853", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-29T14:41:01Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1918853" }, { "reference_url": "https://usn.ubuntu.com/7086-1/", "reference_id": "USN-7086-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7086-1/" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192000?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192001?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@134.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@134.0" } ], "aliases": [ "CVE-2024-10465" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y4xw-cu5j-nbfc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87?format=api", "vulnerability_id": "VCID-zgwh-84ue-1kdw", "summary": "Memory safety bugs present in Firefox 132, Thunderbird 132, Firefox ESR 128.4, and Thunderbird 128.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11699.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11699.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11699", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.3058", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.30613", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11699" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11699", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11699" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328947", "reference_id": "2328947", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2328947" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1880582%2C1929911", "reference_id": "buglist.cgi?bug_id=1880582%2C1929911", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:00:52Z/" } ], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1880582%2C1929911" }, { "reference_url": "https://security.gentoo.org/glsa/202501-10", "reference_id": "GLSA-202501-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-10" }, { "reference_url": "https://security.gentoo.org/glsa/202505-03", "reference_id": "GLSA-202505-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202505-03" }, { "reference_url": "https://security.gentoo.org/glsa/202509-02", "reference_id": "GLSA-202509-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-02" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-63", "reference_id": "mfsa2024-63", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-63" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-63/", "reference_id": "mfsa2024-63", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:00:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-63/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-64", "reference_id": "mfsa2024-64", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-64" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-64/", "reference_id": "mfsa2024-64", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:00:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-64/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-67", "reference_id": "mfsa2024-67", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-67" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-67/", "reference_id": "mfsa2024-67", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:00:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-67/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-68", "reference_id": "mfsa2024-68", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2024-68" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2024-68/", "reference_id": "mfsa2024-68", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:00:52Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2024-68/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10591", "reference_id": "RHSA-2024:10591", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10591" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10592", "reference_id": "RHSA-2024:10592", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10592" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10667", "reference_id": "RHSA-2024:10667", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10667" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10702", "reference_id": "RHSA-2024:10702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10703", "reference_id": "RHSA-2024:10703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10704", "reference_id": "RHSA-2024:10704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10710", "reference_id": "RHSA-2024:10710", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10710" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10733", "reference_id": "RHSA-2024:10733", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10733" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10734", "reference_id": "RHSA-2024:10734", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10734" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10742", "reference_id": "RHSA-2024:10742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10743", "reference_id": "RHSA-2024:10743", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10743" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10745", "reference_id": "RHSA-2024:10745", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10745" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10748", "reference_id": "RHSA-2024:10748", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10748" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10752", "reference_id": "RHSA-2024:10752", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10752" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10844", "reference_id": "RHSA-2024:10844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10848", "reference_id": "RHSA-2024:10848", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10848" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10849", "reference_id": "RHSA-2024:10849", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10849" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10880", "reference_id": "RHSA-2024:10880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10881", "reference_id": "RHSA-2024:10881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:18479", "reference_id": "RHSA-2026:18479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:18479" }, { "reference_url": "https://usn.ubuntu.com/7134-1/", "reference_id": "USN-7134-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7134-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/192000?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@128.6.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/192001?format=api", "purl": "pkg:ebuild/www-client/firefox-bin@134.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@134.0" } ], "aliases": [ "CVE-2024-11699" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zgwh-84ue-1kdw" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@128.6.0" }